Creating a RESTful API to enable and disable dotCMS users using velocity
Many dotCMS applications have front end users with elevated permissions that manage other users.
While dotCMS makes it quite trivial to display user information on the front end, editing and disabling users requires a little extra work.
By putting this velocity code:
#if($cmsuser.hasRole("CMS Administrator"))
#set($userId = $request.getParameter("userId"))
#if("$!userId" ne "")
#set($u = $cmsuser.getUserByUserId($userId))
$u.setActive(false)
{ "status": "success", "userId": "$userId"}
#else
{ "status": "error", "message": "there was no userId sent" }
#end
#end
on a new, blank page, you have just set a system where users with the "CMS Administrator" role can use ajax to diasable other users.
A simple example on how to use this (using jQuery) would be:
$.ajax({
type: "POST",
url: "/url/to/page/with/velocity/?uerID=" + userID_to_disable,
dataType: "json",
success: function (data) {
if (data.status == "success") {
alert("User: " + data.userId + " deactivated");
} else {
alert("Error: " + data.message);
}
},
error: function (xhr, ajaxOptions, thrownError) {
alert(xhr.status + ". Thrown Error: " + thrownError)
}
});