Solved: Can't delete some users as Administrator

Timo697 · ‎Nov 05, 2018

I was testing a service I wrote to allow users to create users using the CloneUserWithGroups() API. When testing, I created a couple users while logged in as the Administrator. That part worked fine. My issue is: ThingWorx won't allow me to delete those users!!??

ThingWorx returned a Delete Failure error message saying, "Editable System Objects Cannot Be Deleted."

I've removed those users from the groups the Administrator is in, but I'm still getting the same error message.

posipova · ‎Nov 08, 2018

Alright, just looked into the details of the one I reproduced.

Because you clone an Administrator user, it writes it as a systemobject (cloning all aspects).

I exported the user entity in xml format and manually edited the

aspect,isEditableSystemObject="false" (was set to true originally post creation)

Save the xml, import it back into the system- now you can delete your user.

View solution in original post

slangley · ‎Nov 05, 2018

Hi @Timo697.

Can you provide a screenshot of what you're attempting to delete? Based on the error message you're getting, it sounds as if you are deleting system objects instead of the users you created.

Regards.

--Sharon

Timo697 · ‎Nov 05, 2018

slangley · ‎Nov 05, 2018

Hi @Timo697.

Can you switch to old composer and see if you get the same behavior?

Regards.

--Sharon

Timo697 · ‎Nov 05, 2018

In the old composer, I'm still getting the same fail to delete message.

slangley · ‎Nov 05, 2018

Hi @Timo697.

Have changes been made to the Administrator account in regard to locale? I found an internal case regarding localization that could possibly result in this error.

Please provide details so I can attempt to recreate the issue.

Regards.

--Sharon

Timo697 · ‎Nov 05, 2018

I'm not entirely certain what you mean by locale, but the Languages field is "en". I recreated the error just now. And without doing anything to the Administrator fields, I couldn't delete the new user made. Below is the coding I used to create a user.

var params = {
	password: New_Password /* STRING */,
	sourceUserName: Existing_Username /* USERNAME */,
	name: New_Username /* STRING */,
	description: undefined /* STRING */,
	tags: undefined /* TAGS */
};

// no return
Resources["EntityServices"].CloneUserWithGroups(params);

Users[New_Username].Access_Level = New_Access_Level;
Users[New_Username].emailAddress = New_Email;
Users[New_Username].firstName = New_First_Name;
Users[New_Username].lastName = New_Last_Name;

Something else to consider, I'm running this on a trial version of Thingworx 8.3 (the company I work for is going through the process of purchasing it though).

posipova · ‎Nov 08, 2018

I was able to reproduce the issue. What access level did you set up as your input? It seems like the users were created as system objects.

posipova · ‎Nov 08, 2018

Alright, just looked into the details of the one I reproduced.

Because you clone an Administrator user, it writes it as a systemobject (cloning all aspects).

I exported the user entity in xml format and manually edited the

aspect,isEditableSystemObject="false" (was set to true originally post creation)

Save the xml, import it back into the system- now you can delete your user.

Timo697 · ‎Nov 08, 2018

Thanks posipova. That worked.

I think this issue needs to be documented or corrected in the cloneuserwithgroups api. I've read documentation that the Administrator can delete a user even if assigned to the administrator group.

posipova · ‎Nov 08, 2018

This works per design. If you are cloning a user, all aspects (including the system object Boolean) will be "cloned". This is different from creating a user and assigning it to the administrator group.