2
votes

I have use case where I need to create a role, create a user in crm instance and associate role to user.

I have explored api to create user and create role.

Below is the code :

private void createUser(IntegrationUserDTO integrationUserDTO, STSDto stsDetails, CRMAuthContext crmAuthContext)
            throws IntegrationsException {
        Map<String, Object> requestBody = new HashMap<>();
        URI uri = new MSCRMHttpDelegate().odataUriBuilder(crmAuthContext.getCrmApiUrl())
                .appendEntitySetSegment("systemusers").build();
        HttpPost httpPost = new HttpPost(uri.toString());
        httpPost.setHeader("Authorization", "Bearer " + crmAuthContext.getAccessToken());
        httpPost.setHeader("Accept", MediaType.APPLICATION_JSON);
        httpPost.setHeader("OData-MaxVersion", "4.0");
        httpPost.setHeader("OData-Version", "4.0");
        httpPost.setHeader("Content-Type", "application/json");

        requestBody.put("accessmode", "4");
        requestBody.put("applicationid", UUID.fromString(stsDetails.getClientId()));
        requestBody.put("firstname", integrationUserDTO.getUsername());
        requestBody.put("lastname", integrationUserDTO.getSecretToken());
        requestBody.put("internalemailaddress", integrationUserDTO.getExtraParams());
        requestBody.put("isintegrationuser", true);
        MSCRMUser user = getBusinessUnitId(crmAuthContext);

        if (StringUtils.isNoneBlank(user.getBusinessUnitId())) {
            requestBody.put("[email protected]",
                    "/businessunits(" + UUID.fromString(user.getBusinessUnitId()) + ")");
        }

        if (StringUtils.isNoneBlank(user.getOrganizationId())) {
            requestBody.put("organizationid", UUID.fromString(user.getOrganizationId()));
        }

        try {
            httpPost.setEntity(new StringEntity(
                    new GsonBuilder().excludeFieldsWithoutExposeAnnotation().create().toJson(requestBody)));

            try (CloseableHttpResponse response = httpClient.execute(httpPost)) {
                if (response.getStatusLine().getStatusCode() >= 400) {
                    log.info("error in adding privileges to role at microsoft instance =");
                    throw new IntegrationsException(IntegrationsErrorCode.CRM_UNAUTHORIZED_ACCESS);
                }
            }
        } catch (Exception e) {
            throw new IntegrationsException(IntegrationsErrorCode.INTERNAL_ERROR, e);
        }
    }

private void createRole(IntegrationUserDTO integrationUserDTO, STSDto stsDetails, CRMAuthContext crmAuthContext)
            throws IntegrationsException {
        Map<String, Object> requestBody = new HashMap<>();
        requestBody.put("name", ROLE_NAME);
        MSCRMUser user = getBusinessUnitId(crmAuthContext);
        if (StringUtils.isNoneBlank(user.getBusinessUnitId())) {
            requestBody.put("[email protected]",
                    "/businessunits(" + UUID.fromString(user.getBusinessUnitId()) + ")");
        }
        if (StringUtils.isNoneBlank(user.getOrganizationId())) {
            requestBody.put("organizationid", UUID.fromString(user.getOrganizationId()));
        }
        URI uri = new MSCRMHttpDelegate().odataUriBuilder(crmAuthContext.getCrmApiUrl()).appendEntitySetSegment("roles")
                .build();
        HttpPost httpPost = new HttpPost(uri.toString());
        httpPost.setHeader("Authorization", "Bearer " + crmAuthContext.getAccessToken());
        httpPost.setHeader("Accept", MediaType.APPLICATION_JSON);
        httpPost.setHeader("OData-MaxVersion", "4.0");
        httpPost.setHeader("OData-Version", "4.0");
        httpPost.setHeader("Content-Type", "application/json");

        try {
            httpPost.setEntity(new StringEntity(
                    new GsonBuilder().excludeFieldsWithoutExposeAnnotation().create().toJson(requestBody)));

            try (CloseableHttpResponse response = httpClient.execute(httpPost)) {
                if (response.getStatusLine().getStatusCode() >= 400) {
                    log.info("error in adding privileges to role at microsoft instance =");
                    throw new IntegrationsException(IntegrationsErrorCode.CRM_UNAUTHORIZED_ACCESS);
                }
            }
        } catch (Exception e) {
            throw new IntegrationsException(IntegrationsErrorCode.INTERNAL_ERROR, e);
        }
    }

I'm unable to find any Rest API to associate a user to a role. I have seen soap API's but I didn't see any rest APIs. I have explored in Dynamics CRM docs I have not seen anything related to role association to the entity. Do any one know any rest api to associate role to user?

2

2 Answers

6
votes

You can use the Web API to send a request to associate the user with a given role.

The relationship between user and role is called systemuserroles_association. You should thus send a request of the following format:

POST [Organization URI]/api/data/v9.0/systemusers(00000000-0000-0000-0000-000000000002)/systemuserroles_association/$ref HTTP/1.1   
Content-Type: application/json   
Accept: application/json   
OData-MaxVersion: 4.0   
OData-Version: 4.0  

{  
"@odata.id":"[Organization URI]/api/data/v9.0/roles(00000000-0000-0000-0000-000000000001)"  
}