You have been redirected from an outdated version of the article. Below is the content available on this topic. To view the old article click here.

Users and Groups

To create a user, navigate to the Users and Groups view via the main menu and click on Add User.

A new user will be created with a random default name. You can now rename the user.

First lookup the admin user (or any other user you like to change the password for):

$ curl -HX-User:admin -HX-Password:admin http://<hostname>:<port>/structr/rest/users?name=admin
{
    "query_time": "0.002282709",
    "result_count": 1,
    "result": [
    {
        "type": "User",
        "name": "admin",
        "salutation": null,
        "firstName": null,
        "middleNameOrInitial": null,
        "lastName": null,
        "id": "f02e59a47dc9492da3e6cb7fb6b3ac25"
    }],
    "serialization_time": "0.000288091"
}

Then issue a PUT request on the object, using the UUID of the user as reference.

In Structr, all database objects have a unique ID (random version 4 UUID without hyphens).

$ curl -i -HX-User:admin -HX-Password:admin -XPUT 
http://<hostname>:<port>/structr/rest/users/f02e59a47dc9492da3e6cb7fb6b3ac25 
-d '{"password":"secret"}'

HTTP/1.1 200 OK
Set-Cookie: JSESSIONID=1vld2piha8che7mhlo1lt0agr;Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 0
Server: Jetty(9.1.3.v20140225)

If we issue the GET request from above again, using the old credentials admin/admin, we see that we’re not able see the user data anymore.

$ curl -i -HX-User:admin -HX-Password:admin http://<hostname>:<port>/structr/rest/users?name=admin
HTTP/1.1 401 Unauthorized
Set-Cookie: JSESSIONID=1mebd77ksm9v2dwgxyc3r6tua;Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 133
Server: Jetty(9.1.3.v20140225)

{
    "code": 401,
    "message": "Wrong username or password, or user is blocked. Check caps lock. Note: Username is case sensitive!"
}

Using the new password, it works:

$ curl -i -HX-User:admin -HX-Password:secret http://<hostname>:<port>/structr/rest/users?name=admin
HTTP/1.1 200 OK
Set-Cookie: JSESSIONID=wecd8ce161qb1m06g6v1c2r1j;Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Server: Jetty(9.1.3.v20140225)

{
    "query_time": "0.002020017",
    "result_count": 1,
    "result": [
    {
        "type": "User",
        "name": "admin",
        "salutation": null,
        "firstName": null,
        "middleNameOrInitial": null,
        "lastName": null,
        "id": "f02e59a47dc9492da3e6cb7fb6b3ac25"
    }],
    "serialization_time": "0.000170156"
}

To set the password of a user, navigate to the Users and Groups view and hover over the user you want to change the password for.

Click on the properties icon ().

In the Edit Properties dialog, activate the Node Properties tab, scroll to the line with the Password key and enter the new password into the value field.

Please Note: While you’re typing, you can see the new password you’re entering. The existing password will never be displayed. Structr does not store cleartext passwords but only a hash value. The hash value also is never being displayed in the UI.
To create a group, navigate to the Users and Groups view via the main menu and click on Add Group.

A new group will be created with a random default name. You can now rename the group.
To add a user to a group, simply drag and drop the user element onto the desired group element.

Access rights granted to a group are inherited to all users in this group.
Structr provides built-in management of users and groups. Creating users and groups is as simple as clicking on the respective buttons and renaming the new object by clicking on the name and hit enter or tab after chaging it.

To allow a user to login, you need to set a password.

A user can be added to a group by dragging the user element and dropping it onto the desired group.

Search results for "Users and Groups"

Users and Groups

The Users and Groups tab has two subsections: The left section lists all system users that exist in the database. Users can be created by clicking on the "Add User" button on top of the list and deleted by clicking on the delete button which appears when you hover over the user element.

A user’s attributes like name, eMail or password can be edited via the Edit Properties dialog. Here a user can be given admin permissions by activating the isAdmin flag.

In the section on the right, user groups can be created and managed. Groups can contain users and other groups which can be added and removed via drag-and-drop. This allows the creation of a group hierarchy and thus a very flexible and versatile security system.

Security: Users and Groups

User self-registration

Instead of creating users in the Structr backend manually in the Users and Groups section of Structr’s admin UI, you can allow users to sign-up/self-register. The registration process uses double-opt in by default. All you need is a simple page where new users can enter their e-mail address so Structr can send them an e-mail with a confirmation link.

The following pre-defined MailTemplate keys can be used to configure the self-registration process. In version 4.0 they have been renamed to have a more uniform structure.

Note: The Mail Configuration Settings have to be done for self-registration mails to be sent.

Name	Old Name (removed as of v4.1)	Used as	Default
CONFIRM_REGISTRATION_SENDER_ADDRESS	SENDER_ADDRESS	The sender address of the registration mail	`structr-mail-daemon@localhost`
CONFIRM_REGISTRATION_SENDER_NAME	SENDER_NAME	The sender name of the registration mail	`Structr Mail Daemon`
CONFIRM_REGISTRATION_SUBJECT	SUBJECT	The subject of the registration mail	`Welcome to Structr, please finalize registration`
CONFIRM_REGISTRATION_TEXT_BODY	TEXT_BODY	The plaintext body of the registration mail	`Go to ${link} to finalize registration.`
CONFIRM_REGISTRATION_HTML_BODY	HTML_BODY	The HTML body of the registration mail	`<div>Click <a href='${link}'>here</a> to finalize registration.</div>`
CONFIRM_REGISTRATION_BASE_URL	BASE_URL	Used to build the `link` variable	`${base_url}`
CONFIRM_REGISTRATION_TARGET_PAGE	TARGET_PAGE	the `target` parameter value for the redirection target page name	`register_thanks`
CONFIRM_REGISTRATION_ERROR_PAGE	ERROR_PAGE	the `error` parameter value for the error redirection target page name	`register_error`

Notes:

The visibility flags of these MailTemplates are ignored because the self-registration mail is created as a privileged user.
A special link variable is provided for the TEXT_BODY and HTML_BODY templates and can be output with the usual syntax: ${link}
- Example link: https://support.structr.com/confirm_registration?key=<CONFIRM_KEY>&target=/dashboard&onerror=/register-error
From v4.1 scripting is enabled in two templates: CONFIRM_REGISTRATION_TEXT_BODY and CONFIRM_REGISTRATION_TEXT_BODY. The script is being run in the context of the user (me keyword points to the user).
In any version prior to 4.1 scripting can not be used and simple text replacement is done

Handling User Sessions: User self-registration

General

ldap.host	Address of the LDAP host.
ldap.port	Port of the LDAP host.
ldap.connectiontimeout	Connection timeout in milliseconds.
ldap.binddn	DN that is used to authenticate synchronization.
ldap.secret	Used in conjunction with bind DN to handle authentication.
ldap.usessl	Enables SSL for the LDAP connection.
ldap.scope	Specifies the LDAP scope. Defaults to “SUBTREE”.
ldap.primarykey	Name of primary identification property of LDAP objects, must uniquely identify users and groups.
ldap.propertymapping	Mapping from LDAP properties to Structr properties.
ldap.groupnames	LDAP objectclass tuples for group and member identification.
ldap.updateinterval	Update interval for group synchronization in seconds.

Configuration Settings: General

Security: General