Skip to main content

HS.Registry.Person.UserLoginID

persistent class HS.Registry.Person.UserLoginID extends %Library.Persistent, %XML.Adaptor, HS.Util.Status.PersistentHelper

SQL Table Name: HS_Registry_Person.UserLoginID

Property Inventory

Method Inventory

Parameters

parameter XMLIGNOREINVALIDTAG = 1;
Inherited description: The XMLIGNOREINVALIDTAG parameter allows the programmer to control handling of unexpected elements in the XML input. The XMLIGNOREINVALIDTAG parameter will only take affect if XMLSEQUENCE = 0 (the default). By default (XMLIGNOREINVALIDTAG = 0), will treat an unexpected element as an error. If XMLIGNOREINVALIDTAG is set = 1 and XMLSEQUENCE = 0, then unexpected elements will be ignored.
parameter XMLIGNORENULL = inputonly;
Inherited description: XMLIGNORENULL allows the programmer to override the default XML handling of empty strings for properties of type %String. By default (XMLIGNORENULL = 0), empty strings in the XML input are stored as $c(0) and $c(0) is written to XML as an empty tag. A missing tag in the XML input is always stored as "" and "" is always output to XML as no tag.

If XMLIGNORENULL is set = 1, then both missing tags in the XML and empty strings are input as "", and both "" and $c(0) are output as empty tags (i.e. <tag></tag>).

If XMLIGNORENULL is set = "inputonly", then both missing tags in the XML and empty strings are input as "". Output of "" and $c(0) are for XMLIGNORENULL = 0: $c(0) is output as an empty tag (i.e. <tag></tag>) and "" is output as no tag.

If XMLIGNORENULL = "runtime" (runtime is not case sensitive), then the behavior of XMLIGNORENULL is determined by the format parameter of XMLExport, XMLImport and %XML.Reader.OpenFile. The default behavior for XMLIGNORENULL="runtime is the same as XMLIGNORENULL=0. Adding "ignorenull" to the format argument changes the behavior to that of XMLIGNORENULL=1. "ignorenull" shoud be separated by a comma from literal/encoded part of the format. Example values for format are "", ",ignorenull", "literal,ignorenull" and "encoded,ignorenull". Note that "inputonly" is equivalent to using ,ignorenull for XMLExport and not for %XML.Reader.

Properties

property BadLoginCount as %Integer;
Count of how many bad logins have happened since the last successful login Maintained as needed by HSAuth or its descendents
Property methods: BadLoginCountDisplayToLogical(), BadLoginCountGet(), BadLoginCountGetStored(), BadLoginCountIsValid(), BadLoginCountLogicalToDisplay(), BadLoginCountNormalize(), BadLoginCountSet(), BadLoginCountXSDToLogical()
property ChallengeAnswer as %String (MAXLEN = 256);
Property methods: ChallengeAnswerDisplayToLogical(), ChallengeAnswerGet(), ChallengeAnswerGetStored(), ChallengeAnswerIsValid(), ChallengeAnswerLogicalToDisplay(), ChallengeAnswerLogicalToOdbc(), ChallengeAnswerNormalize(), ChallengeAnswerSet()
property ChallengeQuestion as %String (MAXLEN = 256);
Required for use of "Forgot Password"
Property methods: ChallengeQuestionDisplayToLogical(), ChallengeQuestionGet(), ChallengeQuestionGetStored(), ChallengeQuestionIsValid(), ChallengeQuestionLogicalToDisplay(), ChallengeQuestionLogicalToOdbc(), ChallengeQuestionNormalize(), ChallengeQuestionSet()
property ChangePassword as %Boolean [ InitialExpression = 0 ];
%HS* domains Change password on next login.
0 - Password change not required.
1 - Password change required before next login.
Property methods: ChangePasswordDisplayToLogical(), ChangePasswordGet(), ChangePasswordGetStored(), ChangePasswordIsValid(), ChangePasswordLogicalToDisplay(), ChangePasswordLogicalToXSD(), ChangePasswordNormalize(), ChangePasswordSet(), ChangePasswordXSDToLogical()
property DatePasswordChanged as %Integer;
For enforcing entry of a new password after a period of time
Property methods: DatePasswordChangedDisplayToLogical(), DatePasswordChangedGet(), DatePasswordChangedGetStored(), DatePasswordChangedIsValid(), DatePasswordChangedLogicalToDisplay(), DatePasswordChangedNormalize(), DatePasswordChangedSet(), DatePasswordChangedXSDToLogical()
property DomainCode as %String (MAXLEN = 128) [ Required ];
Domain Code, IDKEY to Domain Registry
Property methods: DomainCodeDisplayToLogical(), DomainCodeGet(), DomainCodeGetStored(), DomainCodeIsValid(), DomainCodeLogicalToDisplay(), DomainCodeLogicalToOdbc(), DomainCodeNormalize(), DomainCodeSet()
property EmailID as %String (MAXLEN = 500);
Used for password reset workflows.
MAXLEN set to match HS.Registry.Person.UserEmail
Property methods: EmailIDDisplayToLogical(), EmailIDGet(), EmailIDGetStored(), EmailIDIsValid(), EmailIDLogicalToDisplay(), EmailIDLogicalToOdbc(), EmailIDNormalize(), EmailIDSet()
property ExpirationDate as %Integer;
%HS* domains, copied from Security.Users Last date an account can be used.
$H date value of when an account becomes disabled.
Property methods: ExpirationDateDisplayToLogical(), ExpirationDateGet(), ExpirationDateGetStored(), ExpirationDateIsValid(), ExpirationDateLogicalToDisplay(), ExpirationDateNormalize(), ExpirationDateSet(), ExpirationDateXSDToLogical()
property LastModifiedBy as %String (MAXLEN = 128, TRUNCATE = 1) [ Transient ];
The user who most recently changed this login ID - for auditing purposes
Property methods: LastModifiedByDisplayToLogical(), LastModifiedByGet(), LastModifiedByIsValid(), LastModifiedByLogicalToDisplay(), LastModifiedByLogicalToOdbc(), LastModifiedByNormalize(), LastModifiedBySet()
property LoginID as HS.HC.DataType.LoginId [ Required ];
Login ID in HealthShare or external registry.
Property methods: LoginIDDisplayToLogical(), LoginIDGet(), LoginIDGetStored(), LoginIDIsValid(), LoginIDLogicalToDisplay(), LoginIDLogicalToOdbc(), LoginIDNormalize(), LoginIDSet()
property Password as HS.Registry.Person.UserPassword;
%HS* domains, copied from Security.Users PBKDF2 hashed password for Cache Authentication.
This is used with a salt function obtained from $System.Encryption.GenCryptRand. This property is set by the class when the PasswordExternal property is modified. Do not set this property directly.
Property methods: PasswordGet(), PasswordGetStored(), PasswordIsValid(), PasswordLogicalToDisplay(), PasswordLogicalToOdbc(), PasswordLogicalToXSD(), PasswordSet(), PasswordXSDToLogical()
property PasswordExternal as %String (MAXLEN = 128, XMLPROJECTION = "NONE") [ InitialExpression = $c(0) , Transient ];
%HS* domains, copied from Security.Users Clear text password.
This property is not stored in permanent storage. It is initially set to the value of $c(0). When it is modified, the Password property is updated to the PBKDF2 salted hashed value.
Property methods: PasswordExternalDisplayToLogical(), PasswordExternalGet(), PasswordExternalIsValid(), PasswordExternalLogicalToDisplay(), PasswordExternalLogicalToOdbc(), PasswordExternalNormalize()
relationship PasswordHistory as array of HS.Registry.Person.UserPWHistory [ InitialExpression = $listbuild("HS.Registry.Person.UserPWHistory","LoginID",+$this,"children",1,1) , Transient , Inverse = LoginID , Cardinality = children ];
Property methods: PasswordHistoryGet(), PasswordHistoryGetObject(), PasswordHistoryGetObjectId(), PasswordHistoryGetSwizzled(), PasswordHistoryIsEmpty(), PasswordHistoryIsValid(), PasswordHistoryNewObject(), PasswordHistoryRClose(), PasswordHistoryRExec(), PasswordHistoryRFetch(), PasswordHistoryRelate(), PasswordHistorySQLCompute(), PasswordHistorySet(), PasswordHistoryUnRelate()
property PhoneNumber as %String (MAXLEN = 64);
If the domain uses two factor authentication, this will be the phone number (usually a mobile phone)
Property methods: PhoneNumberDisplayToLogical(), PhoneNumberGet(), PhoneNumberGetStored(), PhoneNumberIsValid(), PhoneNumberLogicalToDisplay(), PhoneNumberLogicalToOdbc(), PhoneNumberNormalize(), PhoneNumberSet()
property PhoneProvider as %String (MAXLEN = 128);
If the domain uses two factor authentication, this will be the phone provider
Property methods: PhoneProviderDisplayToLogical(), PhoneProviderGet(), PhoneProviderGetStored(), PhoneProviderIsValid(), PhoneProviderLogicalToDisplay(), PhoneProviderLogicalToOdbc(), PhoneProviderNormalize(), PhoneProviderSet()
property Roles as list of %String (MAXLEN = 64);
%HS* domains, copied from Security.Users Include special consent-group roles (HSGROUP*) Roles assigned to the user.
Property methods: RolesBuildValueArray(), RolesCollectionToDisplay(), RolesCollectionToOdbc(), RolesDisplayToCollection(), RolesDisplayToLogical(), RolesGet(), RolesGetObject(), RolesGetObjectId(), RolesGetStored(), RolesGetSwizzled(), RolesIsValid(), RolesLogicalToDisplay(), RolesLogicalToOdbc(), RolesNormalize(), RolesOdbcToCollection(), RolesSet(), RolesSetObject(), RolesSetObjectId()
property Salt as %Binary (MAXLEN = 64);
%HS* domains, copied from Security.Users Salt value for Hashed password from $System.Encryption.GenCryptRand.
Property methods: SaltGet(), SaltGetStored(), SaltIsValid(), SaltLogicalToXSD(), SaltSet(), SaltXSDToLogical()
relationship UserClinician as HS.Registry.Person.User [ Required , Inverse = LoginIDs , Cardinality = parent ];
Property methods: UserClinicianGet(), UserClinicianGetObject(), UserClinicianGetObjectId(), UserClinicianGetStored(), UserClinicianGetSwizzled(), UserClinicianIsValid(), UserClinicianNewObject(), UserClinicianOnDelete(), UserClinicianRClose(), UserClinicianRExec(), UserClinicianRFetch(), UserClinicianRelate(), UserClinicianSQLCompute(), UserClinicianSet(), UserClinicianSetObject(), UserClinicianSetObjectId(), UserClinicianUnRelate(), UserClinicianUnSwizzle()

Methods

classmethod DeleteData(id As %String, concurrency As %Integer = -1) as %Status
Delete after validating (none currently)
classmethod ListUserLoginIDsClose(ByRef qHandle As %Binary) as %Status
classmethod ListUserLoginIDsExecute(ByRef qHandle As %Binary, pRegistryId As %String) as %Status
classmethod ListUserLoginIDsFetch(ByRef qHandle As %Binary, ByRef Row As %List, ByRef AtEnd As %Integer = 0) as %Status

Queries

query ListUserLoginIDs(pRegistryId As %String)
Selects ID As %String, Domain As %String, LoginID As %String, UserClinician As %String
List login IDs via web service call

Indexes

index (DomainEmailIndex on DomainCode,EmailID) [Unique];
Ensure uniqueness of Email ID per domain so password reset flows can use email ID as unique identifier.
Index methods: DomainEmailIndexCheck(), DomainEmailIndexCheckUnique(), DomainEmailIndexDelete(), DomainEmailIndexExists(), DomainEmailIndexOpen(), DomainEmailIndexSQLCheckUnique(), DomainEmailIndexSQLExists(), DomainEmailIndexSQLFindPKeyByConstraint(), DomainEmailIndexSQLFindRowIDByConstraint()
index (IDKEY on ) [IdKey, Type = key];
Index methods: IDKEYCheck(), IDKEYDelete(), IDKEYExists(), IDKEYOpen(), IDKEYSQLCheckUnique(), IDKEYSQLExists(), IDKEYSQLFindPKeyByConstraint(), IDKEYSQLFindRowIDByConstraint()
index (LoginIDIndex on DomainCode,LoginID);
Index methods: LoginIDIndexExists()

Inherited Members

Inherited Methods

Storage

Storage Model: Storage (HS.Registry.Person.UserLoginID)

{%%PARENT}("LoginIDs")(ID)
=
%%CLASSNAME
LoginID
DomainCode
Password
Salt
ChangePassword
ExpirationDate
Roles
DatePasswordChanged
BadLoginCount
ChallengeQuestion
ChallengeAnswer
PhoneProvider
PhoneNumber
EmailID
PasswordHashAlgorithm
PasswordHashWorkFactor
FeedbackOpens in a new tab