Delegated Administration: Write Hook
The Write Hook, which runs anytime you create or update a user, allows you to do things like:
Changing the user's password
Changing the user's email address
Updating the user's profile
You can also use the Write Hook to automatically set default values for newly-created users. For example, you might want to automatically assign a user to the same group, department, or vendor as the ones to which you've been assigned.
Hook contract
ctx: Context object.
request.originalUser: Current user's values where the payload is the new set of fields. Only available when the method is update.
payload: Payload object
memberships: Array of memberships that were selected in the UI when creating the user.
email: Email address of the user.
password: Password of the user.
connection: Name of the database connection.
app_metadata: Data that's included if a Custom Field being modified is saved in app_metadata.
user_metadata: Data that's included if a Custom Field being modified is saved in user_metadata.
userFields: User fields array (if specified in the settings query)
method: Either create or update depending on whether this is being called as a result of a create or an update call.
callback(error, user): Callback to which you can return an error and the user object that should be sent to the Management API.
Sample use
Kelly manages the Finance department. When she creates users, these users should be assigned as members of the Finance department.
function(ctx, callback) {
  var newProfile = {
    email: ctx.payload.email,
    password: ctx.payload.password,
    connection: ctx.payload.connection,
    user_metadata: ctx.payload.user_metadata,
    app_metadata: {
      department: ctx.payload.memberships && ctx.payload.memberships[0],
      ...ctx.payload.app_metadata
    }
  };

  if (!ctx.payload.memberships || ctx.payload.memberships.length === 0) {
    return callback(new Error('The user must be created within a department.'));
  }

  // Get the department from the current user's metadata.
  var currentDepartment = ctx.request.user.app_metadata && ctx.request.user.app_metadata.department;
  if (!currentDepartment || !currentDepartment.length) {
    return callback(new Error('The current user is not part of any department.'));
  }

  // If you're not in the IT department, you can only create users within your own department.
  // IT can create users in all departments.
  if (currentDepartment !== 'IT' && ctx.payload.memberships[0] !== currentDepartment) {
    return callback(new Error('You can only create users within your own department.'));
  }

  if (ctx.method === 'update') {
    // If updating, only set the fields we need to send
    Object.keys(newProfile).forEach(function(key) {
      if (newProfile[key] === ctx.request.originalUser[key]) delete newProfile[key];
    });
  }

  // This is the payload that will be sent to API v2. You have full control over how the user is created in API v2.
  return callback(null, newProfile);
}
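In the sample above, ctx.payload.app_metadata is spread after department, so a Custom Field saved as app_metadata.department would overwrite the value that the membership check validated. The following is an added example, not part of the original page or the extension's own code: a variant that validates first and sets department last, with a small harness for exercising it locally. The names writeHook, runHook and makeCtx are assumptions of this example, and the contexts it builds are constructed sample data.

```javascript
// Added example (not Auth0's code): validate first, then build the profile.
// writeHook, runHook and makeCtx are names chosen for this example.
function writeHook(ctx, callback) {
  var memberships = ctx.payload.memberships || [];
  if (memberships.length === 0) {
    return callback(new Error('The user must be created within a department.'));
  }
  var admin = ctx.request.user.app_metadata || {};
  if (!admin.department || !admin.department.length) {
    return callback(new Error('The current user is not part of any department.'));
  }
  if (admin.department !== 'IT' && memberships[0] !== admin.department) {
    return callback(new Error('You can only create users within your own department.'));
  }
  var newProfile = {
    email: ctx.payload.email,
    password: ctx.payload.password,
    connection: ctx.payload.connection,
    user_metadata: ctx.payload.user_metadata,
    // Custom Field values are spread first; the validated membership is set
    // last, so a field saved as app_metadata.department cannot replace it.
    app_metadata: { ...ctx.payload.app_metadata, department: memberships[0] }
  };
  if (ctx.method === 'update') {
    // Send only the fields that differ from the stored user.
    Object.keys(newProfile).forEach(function (key) {
      if (newProfile[key] === ctx.request.originalUser[key]) delete newProfile[key];
    });
  }
  return callback(null, newProfile);
}

// Runs the hook synchronously and returns what it passed to the callback.
function runHook(ctx) {
  var result = null;
  writeHook(ctx, function (error, user) {
    result = { error: error || null, user: user || null };
  });
  return result;
}

// Builds a constructed ctx for a delegated admin in the given department.
function makeCtx(adminDept, payload, method, originalUser) {
  return {
    method: method || 'create',
    payload: payload,
    request: { user: { app_metadata: { department: adminDept } }, originalUser: originalUser }
  };
}
```

Calling runHook(makeCtx('Finance', payload)) with a payload whose app_metadata carries its own department shows whether the stored department still comes from the validated membership.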