Adding and Managing NatCom Users
The current process for adding users to the system is manual. Portions of this page will eventually be replaced with application functionality.
There are 3 steps to adding a user to the NatCom application:
- Add to Single Sign-on
- Add to NatCom Database
- Add to COMS
- Navigate to Common Hosted Single Sign-on (CSS): https://bcgov.github.io/sso-requests.
- Ensure the Compliance and Enforcement project is selected if you have access to multiple SSO Integrations.
- Click on the "Assign Users to Roles" tab and ensure the correct environment is selected. Perform a search for the user.
- (Optional) If the user cannot be found, click on the "Search in IDIM Web Service Lookup" button.
- (Optional) Search for the desired user and press the download button to add them to Single Sign-On.
- Click on the user and assign them a role from the dropdown. See Roles for more information about roles.
The following tables need to have records inserted:
- person
- officer
```sql
INSERT INTO public.person (
    person_guid, first_name, middle_name_1, middle_name_2, last_name,
    create_user_id, create_utc_timestamp, update_user_id, update_utc_timestamp
) VALUES (
    '6fd73cad-cbc7-49f1-888a-b24dc8abd824'::uuid, 'Frodo', NULL, NULL, 'Baggins',
    'FLYWAY', '2023-06-29 22:16:16.754', 'FLYWAY', '2023-06-29 22:16:16.754'
) ON CONFLICT DO NOTHING;

INSERT INTO public.officer (
    officer_guid, user_id,
    create_user_id, create_utc_timestamp, update_user_id, update_utc_timestamp,
    person_guid, office_guid, auth_user_guid
) VALUES (
    'efcbaae4-505b-4db3-b036-7ec8b8dd8c6d'::uuid, 'FBAGGINS',
    'FLYWAY', '2023-06-29 22:16:16.754', 'FLYWAY', '2023-06-29 22:16:16.754',
    '6fd73cad-cbc7-49f1-888a-b24dc8abd824'::uuid,
    'c3d8519c-73cb-48a1-8058-358883d5ef4f'::uuid,
    'ef0bc810-58a7-4080-ad7a-b5bbdd0d2efe'::uuid
) ON CONFLICT DO NOTHING;
```
Important Notes:
- Both the person_guid and the officer_guid should NOT be generated via a database function to avoid duplicate data being inserted.
- The following fields are required:
  - person.person_guid
  - person.first_name
  - person.last_name
  - person.create_user_id
  - person.create_utc_timestamp
  - officer.officer_guid
  - officer.user_id
  - officer.create_user_id
  - officer.create_utc_timestamp
  - officer.person_guid
  - officer.auth_user_guid
- officer.person_guid must match person.person_guid
- officer.office_guid:
  - Is required for COS users and should correspond to the entry in the office table that represents the community they are assigned to.
  - For CEEB users this value should be null.
  - For production support staff that are not COS or CEEB users the COSHQ office can be used, or the value can be null.
- The value used for officer.auth_user_guid is the user's IDIR guid, which can be found on the Single Sign-On page described in the previous section. After searching for (and possibly importing) the user, click the eye icon to bring up their details and find the guid.
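The checks below are an added example, not part of the NatCom project's own scripts. They assume PostgreSQL (as the `::uuid` casts and `ON CONFLICT` clause above imply), use only the tables and columns shown in the INSERT statements, and reuse the page's sample GUIDs. Because `ON CONFLICT DO NOTHING` skips a conflicting row without raising an error, they confirm that the rows actually exist and that the rules in the notes above hold.

```sql
-- Added example (not from the NatCom repository). Assumes PostgreSQL and uses
-- only the tables/columns shown above; the GUIDs are the page's sample values.
BEGIN;

-- Run the person and officer INSERT statements here.

-- 1. The new officer row exists and points at the intended person.
--    Expect exactly one row; zero rows means the INSERT did not take effect.
SELECT o.officer_guid, o.user_id, o.auth_user_guid, o.office_guid,
       p.first_name, p.last_name
FROM public.officer AS o
JOIN public.person AS p ON p.person_guid = o.person_guid
WHERE o.officer_guid = 'efcbaae4-505b-4db3-b036-7ec8b8dd8c6d'::uuid
  AND o.person_guid  = '6fd73cad-cbc7-49f1-888a-b24dc8abd824'::uuid;

-- 2. Officers whose person_guid has no matching person row. Expect no rows.
SELECT o.officer_guid, o.user_id, o.person_guid
FROM public.officer AS o
LEFT JOIN public.person AS p ON p.person_guid = o.person_guid
WHERE p.person_guid IS NULL;

-- 3. Officers missing a field the notes above list as required. Expect no rows.
SELECT officer_guid, user_id
FROM public.officer
WHERE user_id IS NULL
   OR person_guid IS NULL
   OR auth_user_guid IS NULL
   OR create_user_id IS NULL
   OR create_utc_timestamp IS NULL;

-- 4. One IDIR guid or user_id attached to more than one officer record: the
--    duplicate data the note on GUID generation warns about. Expect no rows.
SELECT 'auth_user_guid' AS field, auth_user_guid::text AS value, count(*) AS n
FROM public.officer
GROUP BY auth_user_guid
HAVING count(*) > 1
UNION ALL
SELECT 'user_id', user_id, count(*)
FROM public.officer
GROUP BY user_id
HAVING count(*) > 1;

-- COMMIT only if every check returned what was expected; otherwise ROLLBACK.
COMMIT;
```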
See the COMS Section for more information on COMS and buckets.
The following COMS API calls are required to set up a user:
- GET /user -- Find their internal COMS user GUID. This will not return any data until COMS "knows" about the user. In other words, the user has to log into NatCom first for this search to return any data. The following parameters are recommended:
  - lastName - the last name of the user you wish to search
  - firstName (optional) - the first name of the user you wish to search
This will return data that looks like this; the key information you need from this call is the userId:
```json
[
  {
    "userId": "9be98a83-1057-4559-bb50-cae5ce07ae40",
    "identityId": "D1691F96AC544D8A86834318E21151FA",
    "idp": "idir",
    "username": "d1691f96ac544d8a86834318e21151fa@idir",
    "email": "[email protected]",
    "firstName": "Alec",
    "fullName": "Wilcox, Alec MOTI:EX",
    "lastName": "Wilcox",
    "active": true,
    "createdBy": "00000000-0000-0000-0000-000000000000",
    "createdAt": "2024-03-14T18:53:46.045Z",
    "updatedBy": null,
    "updatedAt": null
  }
]
```
- PUT /permission/bucket/{bucketId} -- Adds permissions to the bucket. The following parameters are required in array form:
  - userId - The COMS Unique User GUID from the previous call
  - permCode - READ for read-only users, or READ, CREATE, UPDATE, DELETE for other users.
Here is a sample input:
```json
[
  { "userId": "87cd57d6-ab60-4ff3-83e9-8b20505fe30d", "permCode": "READ" },
  { "userId": "87cd57d6-ab60-4ff3-83e9-8b20505fe30d", "permCode": "CREATE" },
  { "userId": "87cd57d6-ab60-4ff3-83e9-8b20505fe30d", "permCode": "UPDATE" },
  { "userId": "87cd57d6-ab60-4ff3-83e9-8b20505fe30d", "permCode": "DELETE" }
]
```