1

In my current setup I am using Nuxeo with LDAP and CAS integration. Now my requirement is, for some scenarios one user upload the document after login but after certain period of time due to company change the user id may change for that user but will remain part of same tenant. So, after change of the user id too the user wants to see the documents uploaded with earlier user id. A example given below.

User Name:

user1@abc.com –> Uploaded a document name “User1ABC”

user2@abc.com –> Uploaded a document name “User2ABC”

Now due to business need the user name (domain name) may change in the system.

user1@abc.com –> Becomes user1@xyz.com

user2@abc.com –> Becomes user2@xyz.com

In this scenario also the user1 & user2 would like to see the documents uploaded during the earlier user name(user1@abc.com & user2@abc.com).

when this domain name change it will be applicable for all the users under that tenant.

So, how we could achieve that though program or with some other API.

Souvik
  • 1,219
  • 3
  • 16
  • 38

1 Answers1

1

If it's a single shot migration and you're running with a VCS repository (Postgres for instance), you can execute the following request on the acls table :

UPDATE acls SET user="user1@xyz.com" WHERE user = "user1@abc.com"

Depending on where you store your users, you can automate that with a Postgres plpg/SQL procedure iterating over the users table :

CREATE OR REPLACE FUNCTION migrate_user(from_domain varchar, to_domain varchar) 
RETURNS integer
AS $$
DECLARE
 u RECORD;
 i int;
BEGIN
    i := 0;
    FOR u IN (SELECT username
                             FROM user
                            WHERE username like '%@'+ from_domain) LOOP

        UPDATE acls SET "user"=replace(u.username,from_domain,to_domain) WHERE user = u.username;
        i := i + 1;
    END LOOP;
    COMMIT;
    # Rebuild the read ACLs optimization
    SELECT nx_rebuild_read_acls();
    RETURN i;
END;
$$ LANGUAGE plpgsql;

I did not test the function (it compiles ;-)), but the idea is here and should work.

After that, restart the Nuxeo server so that all cache is resetted.

Damien Metzler
  • 11
  • 1
  • For my configuration no explicit repository set. It's using the default one. I also tried the above mentioned approach by replacing the user name in all places in my table. With this approach, I am able to login with the new user but not been able to see the document uploaded by the user before the user name changed. – Souvik Jan 01 '17 at 21:09
  • So if your table are in Postgres, you should also launch the nx_rebuild_read_acls() function. In H2 (default impl) there's no read acls optimization so it should not be mandatory. – Damien Metzler Jan 02 '17 at 17:48
  • I am using mysql. – Souvik Jan 03 '17 at 20:24
  • Hi, Any help on the process to change the owner name. – Souvik May 09 '17 at 04:39