Do I need User table?

Do I need User table?

  
To login to the application I'm creating, each user is validated to Active Directory. Then, a user record is created/updated inside the application, in a new table I've created. As far as I've seen, we can't add or modify any column in User table, so I created a new one to manage user data.
So, my question is, do I need User table for anything? Or can I just forget it? Is there anything I don't see, so I need to update User table also?
Dear Fernando Dias,

Although it is possible to maintain all the user information in your own custom table and ignoring "User", by doing so you will lose out on some of the powerful login and permission areas supported natively by the platform.

If you use the "User" system table to keep track of your users, you'll be able to use the Login or LoginPassword actions, allowing you to Check against (as well as grant and revoke) the user permissions in security-sensitive parts of your application. Other maintenance related features like "when did the user last login" become available to you with no extra effort.

We suggest that you do use the "User" table for for login purposes, and if you need extra Attributes that it does not provide, you create some sort of "UserExtendedInfo" table with the remaining data. You could then set this Entity's Id to be of type "User identifier", binding both tables.

If you then use a Simple Query node with both the "User" and the "UserExtendedInfo" Entities in it (notice that Service Studio automatically adds a join condition) you will get an output Record List with the collated columns, as if they were featured in one and the same table.

Best Regards,

Miguel
Thanks Miguel.
I suppose I'll not user the password and login features of User table, because the validations are made against Active Directory. But, yes, all the remaining points are useful.
I've seen in documentation and in one of OS samples, there's a couple of tables relating user which I can't find! I suppose I need to add any extension which I can't find... Can you provide me that extension? I'm talking about "Permission_Area" and "User_permission" tables.

Thanks for your help.

Fernando Dias
Dear Fernando,

Even thought you validate against Active Directory, I would suggest storing a "mirror" of the user info in the "User" table to facilitate the permissions' handling in your application. By doing so, it is unlikely that you will need to access the two system tables mentioned in your post: all the granting/associating and revoking/removal of permissions can be handled via the Extended Actions Grant<Permission>, Revoke<Permission> and Check<Permission>, a much cleaner and higher-level approach.

Using these tables is only required if, for example, you are implementing a back office in which the administrator has no knowledge of the permission areas the application author has created but still needs to grant/revoke them to individual users i.e. a dynamic and quite uncommon scenario.

If you do, however, still need this sort of low-level access, you must contact your Service Center admin to associate these system entities to your eSpace. For more info on this please check the section "system entities" in the Service Studio help file.

Regards,


Miguel