Users

All Fusion requests must come from a registered user. Fusion stores user information in Apache ZooKeeper.

User Information

Each User entry in ZooKeeper entry contains the following:

  • id: a globally unique user ID (UUID), created by Fusion based on username, realm-name.

  • realm-name: the Fusion Security Realm name, default is "native".

  • username: the username string, unique within the specified security realm.

  • permissions: list of permissions which have been explicitly assigned to that user via the Fusion admin module.

  • role-names : list of all roles assigned to that user via the Fusion admin module.

  • created-at: timestamp, created by Fusion.

  • updated-at: timestamp for last edit, created by Fusion.

The following JSON shows the ZooKeeper record for the Fusion admin user:

{
  "id":"57f539d2-3f53-4011-ad6f-257a3f00fc6b",
  "username":"admin",
  "realm-name":"native"
  "password-hash":"$2a$08$3I82umlXLPSshQIW6ngj.Or06DOVgDLGohGmCB9GC0yRtvy5Nfkn6",
  "permissions":[],
  "role-names":["admin"],
  "created-at":"2016-01-28T00:00:18Z"
}

The following JSON shows the ZooKeeper record for a user entry managed by Fusion:

{
  "id":"ae9b345a-79e2-4e6d-8620-e6ed4ed2cc16",
  "username":"firstname.lastname",
  "realm-name":"lwLDAP",
  "permissions":[{"path":"collections/**","methods":["GET"]}],
  "role-names":[],
  "created-at":"2016-04-01T21:17:36Z"
  "updated-at":"2016-04-01T21:42:15Z",
}

Managing Users in the Fusion-UI

Only Fusion users with admin privileges can manage users.

Roles are managed in the "USERS" panel of the Fusion UI "Access" component.

New users can only be added to Fusion’s native realm; all other user accounts are created automatically upon first login by the domain user. When creating a new user, you must provide a unique username and valid password. All other information is optional, however, unless either roles or permissions are specified, this user won’t be able to do anything in Fusion.

To manage an existing user, chose that username from the listing of all existing users in the "USERS" panel of the Fusion UI "Access" component. This opens User editor panel. Roles and permissions can be updated in order to override defaults assigned according to security realm membership.

Managing Users via HTTP Requests to the Users API

See page Users API.