SDK Site Administration
Danger
ONLY users with Admin class, are enabled to access the site administration section, including managing users.
To access this, select the button.
This displays the site administration options tool bar and opens the Manage Users window by default:
Manage Users | Manage the users - block/delete the selected users or edit a user profile |
Authorities | Manage user authorities and permissions for source files and programs |
Edit Consumer Template | Edit the standard template for Consumer |
Edit Provider Template | Edit the standard template for Provider |
Edit Site | Edit the configuration settings for the application |
Import v12 Specs | Bulk import of V12 SDK specs into v14 |
2024-04-30T10:28-V14.0.0-9b1548a | The build Date of the SDK and the commit hash |
Manage Users
Manage user accounts, permissions, and access within the SDK console application. The Manage Users interface provides comprehensive user administration capabilities for system administrators.
To access the user management interface, click the Manage Users button in the site administration toolbar.
User Management Interface
The Manage Users interface displays a comprehensive list of all users in the system, allowing administrators to:
- View user account information including username, name, email, and activation status
- Activate or deactivate user accounts
- Edit user profiles and default settings
- Delete user accounts (except system accounts)
- Search and filter users by username
- Sort users by various criteria
User Actions
Note
Any of the User Actions below require you to provide your login password to authorize the change.
Action | Description |
---|---|
/ | Activate/Deactivate User - Toggle user account status between active and inactive. Active users can log in and use the system, while inactive users are locked out. System accounts (lxradmin, MDRDFTUSR) cannot be deactivated. |
Edit User Profile - Modify user account settings including user class, default paths, language preferences, and server configurations. | |
Delete User - Permanently remove a user account from the system. System accounts (lxradmin, MDRDFTUSR) cannot be deleted for security reasons. |
User Account Management
User Status Management: - Active Users: Can log in and access the SDK console functionality - Inactive Users: Cannot log in and are locked out of the system - System Protection: Core system accounts (lxradmin, MDRDFTUSR) are protected from deactivation and deletion
User Search and Filtering: - Use the search box to filter users by username (case-insensitive) - Sort users by Username, Name, Email, or Status - Navigate through multiple pages of users using pagination controls
Edit Profile
The Edit Profile dialog allows administrators to modify user account settings and default configurations. Access this dialog by clicking the edit (pencil) icon next to any user in the user list.
Profile Fields:
Field | Description |
---|---|
Email address associated with the user account (for reference only, not used for authentication) | |
User Class | Defines the user's permission level within the system. Select from dropdown: • Admin: Full administrative access including site administration • User: Standard user access for creating and managing specs • Developer: Developer-level access with additional development tools |
Source File | Default source file path used when the user creates new Consumer or Provider specifications |
Object Library | Default object library path used when the user creates new Consumer or Provider specifications |
Language | Default programming language for code generation (RPGLE, COBOL, etc.) |
Server URL | Default Server/API URL endpoint used when the user creates new Provider specifications |
Profile Management: - Changes take effect immediately upon saving - Users will see the updated default values when creating new specifications - System accounts (lxradmin, MDRDFTUSR) have limited editable fields for security
User Management Procedures
Activating/Deactivating Users: 1. Locate the user in the user list 2. Click the lock/unlock (/) icon next to the user 3. Provide your login password when prompted 4. Confirm the status change
Editing User Profiles:
-
Click the edit icon next to the user you want to modify
-
Update the desired fields in the Edit Profile dialog
-
Provide your login password when prompted
-
Click Save to apply changes
Deleting User Accounts:
-
Click the delete icon next to the user you want to remove
-
Provide your login password when prompted
-
Confirm the deletion (this action cannot be undone)
Security Considerations:
-
All user management actions require administrator password confirmation
-
System accounts (lxradmin, MDRDFTUSR) are protected from modification
-
User class changes affect immediate access permissions
-
Deactivated users lose access immediately upon status change
Authorities
SDK Generation Authorities Overview
The SDK Generation Authorities provide a granular mechanism for setting source file and generated object authorities from the SDK console. This system offers both site-wide settings and user-specific overrides, with a hierarchical checking system that first checks user-level settings and then falls back to site-wide defaults.
No Authorities Set
If no authorities have been set in the MDRDAUTH file, the generator will use the following authorities by default:
Element | OWNER | *PUBLIC Authority |
---|---|---|
SRCFILE | User logged into SDK is made OWNER | *CHANGE |
Generated program | User logged into SDK is made OWNER | *CHANGE |
Key Features:
-
Hierarchical Authority Resolution: User-specific authorities take precedence over site-wide settings
-
Application Storage Integration: Authority values are set and stored during the login process
-
Granular Control: Separate authority settings for source files and generated program objects
-
Flexible Configuration: Supports both individual user overrides and system-wide defaults
To access the Authorities management interface, click the Authorities button in the site administration toolbar.
Authority Management Interface
The Authorities interface provides a comprehensive view of all user authorities in the system, allowing administrators to:
- View all existing authorities with their permissions
- Add new authorities for users or the site
- Edit existing authority permissions
- Delete authorities (except system authorities)
Authority Fields
Field | Description |
---|---|
Value | The user identifier or authority name (e.g., USERNAME, *SITE) |
Type | The authority type - typically USER for individual users or SITE for site-wide authorities |
Source File Owner | The owner authority required for source file access |
Source File Public | The public authority level for source files. Valid values: • EXCLUDE: No access • USE: Read-only access • CHANGE: Read and write access • ALL: Full access including delete |
Program Owner | The owner authority required for program access |
Program Public | The public authority level for programs. Valid values: • EXCLUDE: No access • USE: Read-only access • CHANGE: Read and write access • ALL: Full access including delete |
Authority Actions
Note
Any Authority Actions below require you to provide your login password to authorize the change.
Action | Description |
---|---|
Edit Authority - Modify the permissions for an existing authority | |
Delete Authority - Remove an authority (system authorities like *SITE cannot be deleted) | |
Add Authority - Create a new authority with specified permissions |
Adding a New Authority
When adding a new authority:
- Click the Add Authority button
- Fill in the required fields:
- Value: Enter the user identifier (will be converted to uppercase)
- Type: Select the authority type (*USER recommended)
- Source File Owner: Specify the source file owner authority
- Source File Public: Set the public access level (EXCLUDE, USE, CHANGE, ALL)
- Program Owner: Specify the program owner authority
- Program Public: Set the public access level (EXCLUDE, USE, CHANGE, ALL)
- Provide your login password when prompted
- Click Save to create the authority
Editing an Authority
To modify an existing authority:
- Click the edit (pencil) icon next to the authority you want to modify
- Update the desired fields in the edit dialog
- Provide your login password when prompted
- Click Save to apply the changes
Authority Types and Permissions
- User-specific authorities: Named after individual users (e.g., "JOHNDOE")
- Site-wide authorities: Use *SITE as the value for system-wide permissions
- Permission levels:
- *EXCLUDE: No access (cannot read, write, or execute)
- *USE: Read-only access (can view but not modify)
- *CHANGE: Read and write access (can view and modify)
- *ALL: Full access including delete (complete control)
Edit Consumer Template
Use this option to edit the standard template for "Consumer"
Edit Provider Template
Use this option to edit the standard template for "Provider"
Edit Site
Enter/edit the values to set the configuration for the application.
Base Path | The absolute path where the application is installed on the IBMI server eg. /www/mdrstt12/ |
Session Timeout | Length of the session, the session timeout duration in hours |
IBMI Base | The base address that connects the UI to the MDREST4i API generators |
Rest4i Username & Password | Credentials to login to the your IBMI machine running MDREST4i API generators. |
Object required | If checked, the application will let the user to create an MDCMS object request. This activates the Submit Object Button in the generate tab |
Force Object request | If checked, the application will not let the user create an API unless the MDCMS object request is created. |
MDCMS Base | Enter the URL to the MDMCS RESTAPI server. Firstly verify the MDCMS RESTAPI server is running. Use the value of Server URL from this MDCMS config screen ![]() |
MDCMS API Token | The authorization bearer token value for making any request to any MDCMS API. |
OAPI attribute | The MDCMS attribute used to check out the OAPI/SWAGGER specification |
Documenter Base | Base address of the MDREST4i SDK portal application. |