# <span style="color:purple">ArcGIS API for Python</span>

<img src="img/Users_02_Admin.PNG" style="width:75%"></img>

## Demo: Administrative Management of Users, Roles & Groups

### Are you frustrated with all the manual administration of users, groups, and items you have to do on your web GIS?

<img src="img/tangled_cables.jpg" style="width:100%"></img>

### Fear no more! 

### In this demo, we will go over a few workflows to show how the ArcGIS API can help administrators of Web GIS.

Let's import a few modules. We are importing getpass to provide the GIS object with a password in a safe manner.

In [1]:
from arcgis.gis import *
from getpass import getpass
from IPython.display import display

Let's call our GIS object and pass a local Portal.

In [2]:
password = getpass()
gis = GIS("https://govdev.eastus.cloudapp.azure.com/arcgis/home/index.html", "anieto", password, verify_cert=False)

········


### Querying for users

Let's run a full query for listed users:

In [3]:
gis.users.search()

[<User username:anieto>,
 <User username:brandon.might>,
 <User username:brandon.strohl>,
 <User username:bstayer>,
 <User username:dattaway>,
 <User username:esri_boundaries>,
 <User username:esri_demographics>,
 <User username:esri_livingatlas>,
 <User username:esri_nav>,
 <User username:IndianaDOT_User>,
 <User username:jeffrey.beal>,
 <User username:jon.nystrom>,
 <User username:juhen.yoon>,
 <User username:julia.hink>,
 <User username:lana.lau>,
 <User username:OhioDOT_User>,
 <User username:PortalAdmin>,
 <User username:rjavaraman>,
 <User username:saady.palma>,
 <User username:sarah.nieto>,
 <User username:shawn.howell>,
 <User username:system_publisher>,
 <User username:timothy.drager>,
 <User username:tom.oaks>]

Filter your user search...

In [4]:
gis.users.search("nieto")

[<User username:anieto>, <User username:sarah.nieto>]

You can also use wildcards in the search:

In [5]:
gis.users.search("p*")

[<User username:PortalAdmin>, <User username:saady.palma>]

Let's search for my colleague, Patrick O'Brien

In [6]:
gis.users.search("pobrien")

[]

### Create a new user

Users can be created through the API

In [7]:
patrick = gis.users.create(username = "pobrien", 
                           password = "Password1!",
                           firstname = "Patrick",
                           lastname = "O'Brien",
                           email = "pobrien@esri.com",
                           role = "org_user")
patrick

This variable is now a "user" object

In [8]:
type(patrick)

arcgis.gis.User

Use intellisense to see all the options you have available with user objects.

In [9]:
patrick.delete()

True

### Querying for groups

In [10]:
gis.groups.search()

[<Group title:"Esri Boundary Layers" owner:esri_boundaries>,
 <Group title:"Esri Demographic Layers" owner:esri_demographics>,
 <Group title:"Featured Maps and Apps" owner:PortalAdmin>,
 <Group title:"Florida DOT" owner:PortalAdmin>,
 <Group title:"Indiana DOT" owner:PortalAdmin>,
 <Group title:"Living Atlas" owner:esri_livingatlas>,
 <Group title:"Living Atlas Analysis Layers" owner:esri_livingatlas>,
 <Group title:"Navigator Maps" owner:esri_nav>,
 <Group title:"Ohio DOT" owner:PortalAdmin>,
 <Group title:"Solution Engineers" owner:anieto>,
 <Group title:"USDOT - FHWA - Federal Lands Highway" owner:anieto>]

Let's create the group

In [12]:
# create groups
se_group = gis.groups.create("Solution Engineer Demo", "SE; Team")

This is a "group" object

In [13]:
se_group

In [14]:
type(se_group)

arcgis.gis.Group

Like the user object, it has methods we can call on it

In [None]:
se_group.

## So we know how to query, create, and delete users... now what?

# I got an idea!

<img src="img/idea.gif">


## I want to create a group for the Solution Engineers and I want to add every solution engineer in the DC office to it. 
## I also want to add this to multiple portals and ArcGIS Online organizations that the DC office is responsible for! 
## Also, I want to do this fast enough to have everyone be able to create demos ahead of FedGIS.

<img src="img/tangled_cables.jpg" style="width:100%"></img>

## Have no fear! The ArcGIS API for Python is here to help.

# Step 1: Use a file containing your solution engineer information to batch create users. This can be repeated for however many portals/organizations you need.

In [15]:
# Solution Engineer File
se_info_excel = "data/SolutionEngineers_UserList.xlsx"

We're going to import the pandas library to quickly get the data from the excel

In [16]:
import pandas as pd

In [17]:
se_dataframe = pd.read_excel(se_info_excel)
se_dataframe

Unnamed: 0,username,firstname,lastname,email,role
0,scecilio,Scott,Cecilio,scecilio@esri.com,org_user
1,jfry,John,Fry,jfry@esri.com,org_user
2,kharrigan,Ken,Harrigan,kharrigan@esri.com,org_user
3,ggonzales,Gil,Gonzales,ggonzales@esri.com,org_user
4,jbauer,Jim,Bauer,jbauer@esri.com,org_user
5,rbernstein,Renee,Bernstein,rbernstein@esri.com,org_user
6,tquink,Tyson,Quink,tquink@esri.com,org_user
7,dbaird,Darren,Baird,dbaird@esri.com,org_user
8,mwalther,Milq,Walther-Rodriguez,mwalther@esri.com,org_user
9,klevy,Kate,Levy,klevy@esri.com,org_user


In [18]:
# Create an empty list that will hold our usernames for all Solution Engineers
se_users_list = []
se_userobjects_list = []
dummy_password = "GoGators4Eva"

# Iterate on each record of the team info file, and create a user for it
for index, row in se_dataframe.iterrows():
    # Read from the record
    username = row['username']
    firstname = row['firstname']
    lastname = row['lastname']
    email = row['email']
    role = row['role']
    
    print("Creating user {0}...".format(username))
    se_users_list.append(username)
    
    se_user = gis.users.create(username=username,
                               password=dummy_password,
                               firstname=firstname,
                               lastname=lastname,
                               email=email,
                               role=role)
    
    se_userobjects_list.append(se_user)

Creating user scecilio...
Creating user jfry...
Creating user kharrigan...
Creating user ggonzales...
Creating user jbauer...
Creating user rbernstein...
Creating user tquink...
Creating user dbaird...
Creating user mwalther...
Creating user klevy...


In [19]:
se_users_list

['scecilio',
 'jfry',
 'kharrigan',
 'ggonzales',
 'jbauer',
 'rbernstein',
 'tquink',
 'dbaird',
 'mwalther',
 'klevy']

In [20]:
se_userobjects_list

[<User username:scecilio>,
 <User username:jfry>,
 <User username:kharrigan>,
 <User username:ggonzales>,
 <User username:jbauer>,
 <User username:rbernstein>,
 <User username:tquink>,
 <User username:dbaird>,
 <User username:mwalther>,
 <User username:klevy>]

In [21]:
for usr_obj in se_userobjects_list:
    display(usr_obj)

Now we use the list of solution engineer usernames to add it to the Solution Engineers group using its object's method

In [22]:
se_group.add_users(se_users_list)

{'notAdded': []}

In [23]:
se_group.get_members()

{'admins': ['anieto'],
 'owner': 'anieto',
 'users': ['klevy',
  'jfry',
  'mwalther',
  'scecilio',
  'ggonzales',
  'rbernstein',
  'jbauer',
  'kharrigan',
  'tquink',
  'dbaird']}

# Ruh Roh!

<img src="img/tenor.gif">


## We found out that we have to remove every user from every Portal and ArcGIS Online organization we added them to.

## We also have to do it fast and leave everything nice and tidy!

<img src="img/tangled_cables.jpg" style="width:100%"></img>

## Have no fear! The ArcGIS API for Python is here to help.

We're going to use the list of user objects to call their delete method and clean up after ourselves. 

Hint: This is also the way I clean up after my own self for this demo!

In [24]:
se_group.remove_users(se_users_list)

{'notRemoved': []}

In [25]:
for user_obj in se_userobjects_list:
    print("Removing user {0}...".format(user_obj.username))
    user_obj.delete()

Removing user scecilio...
Removing user jfry...
Removing user kharrigan...
Removing user ggonzales...
Removing user jbauer...
Removing user rbernstein...
Removing user tquink...
Removing user dbaird...
Removing user mwalther...
Removing user klevy...


#### You could also quickly create a script that takes a threshold for the last login date for each user, and removes the user if they have not signed in recently enough.

#### ... or if you want to be nice, you can use the smtplib library in Python to send them a warning e-mail.

### How about that?
<img src="img/cmdrdata.gif" align="left" style="width: 50%">