[Fiware-lab-federation-nodes] Instructions to upgrade Community users

[Álvaro Alonso]

Dear IOs,

I include below detailed instructions regarding how to upgrade users to community. 

Please, note that actions like searching a user or project are usually done using Horizon filters. However, due to large number of entities we currently have in our Keystone instance, rendering those amount of users/projects in the interface is not feasible. For that reason we have enabled a pagination to display some entities (projects and users). Unfortunately, the filter just acts over the rendered entities so it is not posible to use it to find users or projects globally. 

Instructions: 

1. If the user is not created you have to create it.
2. If the user doesn’t have an associated project to create cloud resources, you have to create it and to assign the user as a member of the project. 
3. Include in the metadata of the user (“description” field) the date in which the user has been upgraded to Community (with the format "community_started_at": "YYYY-MM-DD”).

	- You can check if the user is already created using this API request: curl -H "X-Auth-Token: {admin_token}" http://cloud.lab.fiware.org:4730/v3/users?name=“{user_email} <http://cloud.lab.fiware.org:4730/v3/users?name=%E2%80%9C{user_email}>”
	- In the user creation wizard, you can directly create an associated project to the user. Thus, the user is automatically associated as member of that project.
	- Identity -> Users -> Create User


4. Assign the role “Community” in the domain “default” to the user. 
	
	- Identiity -> Domains -> Manage Members (Default Domain) -> Search the user in the left side bar -> Select the user (+ icon) -> Search the user in the right side bar -> Select Community role

5.  If you want to assign different quotas than the default ones, assign the desired quotas to the created project in your node 

	- Projects -> Project details -> Modify quotas
	- To find the project details you can use the URL https://cloud.lab.fiware.org/identity/{project_id <https://cloud.lab.fiware.org/identity/{project_id>}detail/ <https://cloud.lab.fiware.org/identity/9de7c6071e834a07a869969e467d099d/detail/> 
	- To find the project associated to a user you can check user details in https://cloud.lab.fiware.org/identity/users/{user_id}/detail/ <https://cloud.lab.fiware.org/identity/users/%7Buser_id%7D/detail/>
	- To check user id you can use the API curl -H "X-Auth-Token: {admin_token}" http://cloud.lab.fiware.org:4730/v3/users?name=“{user_email} <http://cloud.lab.fiware.org:4730/v3/users?name=%E2%80%9C{user_email}>”

6. Assign the corresponding endpoint_group to the project associated to the user

	- curl -H "X-Auth-Token: {admin-token}” -X PUT http://cloud.lab.fiware.org:4730/v3//OS-EP-FILTER/endpoint_groups/{region_endpoint_group_id}/projects/{project_id} <http://cloud.lab.fiware.org:4730/v3//OS-EP-FILTER/endpoint_groups/%7Bregion_endpoint_group%7D/projects/%7Bproject_id%7D>
	- IMPORTANT: if no endpoint group is assigned to a user, it has access to every node. So please, this step is very important.
	- You can find your node’s endpoint group id in the attached document.
	
7. Notify the user of the account creation. Ask him/her to change the password the first time accessing the portal.

BR
--
Álvaro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.fiware.org/private/fiware-lab-federation-nodes/attachments/20171011/ad5ea79c/attachment-0002.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: nodes_endpoint_groups.txt
URL: <https://lists.fiware.org/private/fiware-lab-federation-nodes/attachments/20171011/ad5ea79c/attachment-0001.txt>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.fiware.org/private/fiware-lab-federation-nodes/attachments/20171011/ad5ea79c/attachment-0003.html>