3

We have an external identity management system which has to manage the lifecycle of users in CQ5 using Sling and REST.

We are able to create and delete users and groups with

  • Create

    POST http://$host:$port/libs/cq/security/authorizables/POST 
    
    Content: rep:userId=example@example.org&givenName=Example&familyName=Example&email=example@example.org&rep:password=random
    
  • Delete

    POST http://$host:$port/home/users/e/example@example.org.delete.json
    Content: deleteAuthorizable=1
    

Our problem is that we did not find out how to rename a user (or a group).

How can we rename a user?

The only solution we found would be to

  1. list all the group memberships of a user
  2. delete the user
  3. create a new user
  4. recreate all the group memberships

Although this solution could work, it will most likely pose some performance problems (we have more than 70K users and more than 15K groups). If this is the only solution: how can we perform the first step (list all the memberships) efficiently via REST?

Matteo

1 Answer

1

Know that this doesn't provide a solution to your issue, but just to point out that renaming via REST seems to be a no-go. The docs seem to be fairly explicit on it:

The jackrabbit-usermanager bundle delivers a REST interface to create, update and delete users and groups in the JCR.

To update an existing user POST a request to /system/userManager/user/username.update.. You can NOT update the username or the password (see Change Password below) only the additional properties are updateable through this URL.

Though on the same page, it does seem that a query for a particular user should bring back their group membership:

    $ curl http://localhost:8080/system/userManager/user/admin.tidy.1.json

    {
        "memberOf": [],
        "declaredMemberOf": []
    }

Not sure if CQ locks down access to user info in this way.

anotherdave
  • Thanks, seems like CQ behaves this way. We will then have to choose the delete/create option. It's not ideal, especially with a lot of users and resources. We are also thinking of granting permissions via permission groups (and not directly), so that when deleting a group we will only have to look at group memberships (and not ACLs). – Matteo Jun 28 '12 at 05:04
  • Note that, Sling being an Apache project, you could have a look at the source code of those functions and maybe suggest improvements that help for your use case. I don't know if the "no rename" is a Sling limitation or something that's tied to lower layers, but it's probably worth having a look. – Bertrand Delacretaz Jul 02 '12 at 09:27
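
An added example, not part of the original posts and not Sling or CQ code: it plans the delete/create "rename" from the question using the `memberOf`/`declaredMemberOf` response shown in the answer, and refuses to plan a delete when the membership data is missing. The function names, the sample group names and the assumption that the arrays hold plain strings are hypothetical; nothing is sent over the network.

```python
import json
from urllib.parse import quote, urlencode

# Constructed sample in the shape of the answer's output; string entries are an assumption.
SAMPLE = """{
  "memberOf": ["editors", "everyone-internal", "editors"],
  "declaredMemberOf": ["editors"]
}"""


def split_memberships(user_json):
    """Return (declared, inherited_only) group lists; fail closed on bad input."""
    doc = json.loads(user_json)
    for key in ("memberOf", "declaredMemberOf"):
        if not isinstance(doc.get(key), list):
            raise ValueError(f"{key} missing or not a list; refusing to plan a delete")
    declared = list(dict.fromkeys(doc["declaredMemberOf"]))  # dedupe, keep order
    inherited = [g for g in dict.fromkeys(doc["memberOf"]) if g not in declared]
    return declared, inherited


def plan_rename(base, old_path, new_id, password, user_json, props=None):
    """Build, without sending, the delete/create requests plus groups to restore."""
    declared, inherited = split_memberships(user_json)  # raises before any delete is planned
    form = {"rep:userId": new_id, "rep:password": password, **(props or {})}
    return {
        "requests": [
            ("POST", base + quote(old_path, safe="/@") + ".delete.json",
             urlencode({"deleteAuthorizable": 1})),
            ("POST", base + "/libs/cq/security/authorizables/POST", urlencode(form)),
        ],
        "restore_groups": declared,     # re-add the new user to these only
        "inherited_groups": inherited,  # return via nested groups, do not re-add
    }


if __name__ == "__main__":
    plan = plan_rename("http://localhost:8080", "/home/users/e/example@example.org",
                       "renamed@example.org", "random", SAMPLE,
                       {"email": "renamed@example.org"})
    for method, url, body in plan["requests"]:
        print(method, url, body)
    print("restore:", plan["restore_groups"], "inherited:", plan["inherited_groups"])
```

Only the declared memberships need to be recreated; re-adding a user directly to groups it previously inherited would widen its direct memberships beyond what it had before.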