This tutorial shows how to use the web REST API provided by Bonita BPM 6 in order to create new accounts in Python. You need to have a working Bonita BPM 6 to test the code below. This can be done with Bonita BPM Studio after deploying Bonita BPM Portal.
This example is run on a Linux distribution (Ubuntu 12.04 LTS).
The official documentation is available here http://documentation.bonitasoft.com/web-rest-api
Note: I'm not a Python developer and there are always many ways to accomplish the same thing. Don't hesitate to improve this example!
Useful modules
The following Python modules will be helpful:
- argparse
- httplib2
- json
- urllib
Authentication
Before going further, log in and retrieve the corresponding cookie. You can do it this way:
def portal_login(url,username,password,disable_cert_validation):
http = httplib2.Http(disable_ssl_certificate_validation=disable_cert_validation)
API="/loginservice"
URL=url+API
body={'username': username, 'password': password, 'redirect': 'false'}
headers={"Content-type":"application/x-www-form-urlencoded"}
response, content = http.request(URL,'POST',headers=headers,body=urllib.urlencode(body))
if response.status!=200:
raise Exception("HTTP STATUS: "+str(response.status))
return response['set-cookie']
If you run the Bonita BPM Portal from Studio, you can use these parameters:
- url=http://localhost:8080/bonita
- login=walter.bates
- password=bpm
disable_cert_validation should be set to false by default. It's useful only for test purposes, when we use a self-signed certificate.
Create a user
Use the following function to create a user using the previous cookie:
def create_user(url,cookie,username,password,firstname,lastname,disable_cert_validation):
http = httplib2.Http(disable_ssl_certificate_validation=disable_cert_validation)
API="/API/identity/user/"
URL=url+API
headers={"Content-type":"application/json",'Cookie': cookie}
data={"userName":username,"password":password,"firstname":firstname,"lastname":lastname, "enabled": "true"}
data = json.dumps(data)
response, content = http.request(URL, 'POST',headers=headers, body=data)
if response.status!=200:
raise Exception("HTTP STATUS: "+str(response.status)+" "+content)
else:
data = json.loads(content)
return data['id']
Add a user to a profile
Retrieve a profile id
This function return the profile id, this way we can search for both Administrator and User profile:
def get_profile_id(url,cookie,name,disable_cert_validation):
http = httplib2.Http(disable_ssl_certificate_validation=disable_cert_validation)
API="/API/userXP/profile"
params="?f=name="+str(name)
URL=url+API+params
headers={"Content-type":"application/x-www-form-urlencoded",'Cookie': cookie}
response, content = http.request(URL, 'GET',headers=headers)
data = json.loads(content)
try:
return data[0]['id']
except Exception, e:
return None
Link the user to a profile
This last function permits to link the user previously created using its id and the profile id retrieved before:
def add_user_to_profile(url,cookie,uid,pid,disable_cert_validation):
http = httplib2.Http(disable_ssl_certificate_validation=disable_cert_validation)
API="/API/userXP/profileMember/"
URL=url+API
headers={"Content-type":"application/json",'Cookie': cookie}
data={"profile_id":pid,"member_type":"USER","user_id": uid}
data = json.dumps(data)
response, content = http.request(URL, 'POST',headers=headers, body=data)
if response.status!=200:
raise Exception("HTTP STATUS: "+str(response.status)+" "+content)
Full example
You can download a full example here: create_bonita_account.py
usage: create_bonita_account.py --login install --password install --url
http://example.com:8080/bonita --new_login
john.smith --new_password mysecret --firstname
John --lastname Smith [-h]
[--disable_ssl_certificate_validation]
[--is_admin]
Create a Bonita account
required arguments:
--login install Account used to authenticate you on Bonita
--password install Password used with your account
--url http://example.com:8080/bonita
Bonita BPM url
--new_login john.smith
New account that will be created
--new_password mysecret
Password used for the new account
--firstname John First name used for the new account
--lastname Smith Last name used for the new account
optional arguments:
-h, --help Show this help message and exit
--disable_ssl_certificate_validation
Used this only for tests with a self-signed
certificate
--is_admin Assign user to Administrator profile
To create a new account with the Administrator profile, you can launch a command like:
./create_bonita_account.py --login walter.bates --password bpm --url http://localhost:8080/bonita --new_login john.smith --new_password pass --firstname John --lastname Smith --is_admin
If you use an url in https with a self-signed certificate, it may raise this error:
httplib2.SSLHandshakeError: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
You can avoid this verification (for test only!) using the parameter "--disable_ssl_certificate_validation".