[midPoint] 3.1 SNAPSHOT, Username Generation
Ivan Noris
ivan.noris at evolveum.com
Wed Dec 10 20:35:28 CET 2014
I have re-added the Org assignment as I was testing last week. It's
still working.
This is what I added at the end of the template:
<mapping>
<authoritative>true</authoritative>
<source>
<c:path
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3">organization</c:path>
</source>
<expression>
<assignmentTargetSearch>
<targetType
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3">c:OrgType</targetType>
<filter
xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3">
<q:equal>
<q:path>name</q:path>
<expression>
<c:path
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3">$organization</c:path>
</expression>
</q:equal>
</filter>
</assignmentTargetSearch>
</expression>
<target>
<c:path
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3">assignment</c:path>
</target>
</mapping>
User:
<user xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
oid="9be4e4c9-66fc-4fbe-83c8-286ebfb9ac6e"
version="1">
<name>anpapecok5</name>
<parentOrgRef oid="00000000-8888-6666-0000-100000000030"
type="OrgType"><!-- Posam --></parentOrgRef>
<metadata>
<createTimestamp>2014-12-10T20:30:38.743+01:00</createTimestamp>
<creatorRef oid="00000000-0000-0000-0000-000000000002"
type="UserType"><!-- administrator --></creatorRef>
<createChannel>http://midpoint.evolveum.com/xml/ns/public/provisioning/channels-3#liveSync</createChannel>
</metadata>
<linkRef oid="abb8d8cc-507b-4210-aac7-3777c37b4b5b"
type="ShadowType"><!-- papecok5 --></linkRef>
<assignment id="1">
<targetRef
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
oid="00000000-8888-6666-0000-100000000030"
type="c:OrgType"><!-- MyOrg --></targetRef>
</assignment>
<activation>
<effectiveStatus>disabled</effectiveStatus>
<disableTimestamp>2014-12-10T20:30:38.086+01:00</disableTimestamp>
</activation>
<iteration>4</iteration>
<iterationToken>5</iterationToken>
<givenName>Andrej</givenName>
<familyName>Papecok</familyName>
<emailAddress>anpapecok5 at bshp.edu</emailAddress>
<employeeNumber>papecok5</employeeNumber>
<costCenter>xxx</costCenter>
<organization>MyOrg</organization>
. . .
</user>
So unless there is any trick hidden in the other mappings, maybe the
issue was resolved since your snapshot... Can you post the exact
midPoint version?
I.
On 12/10/2014 08:25 PM, Jason Everling wrote:
> No not really, looks to be the same,
>
> I attached the template,
>
> The only thing else besides creating the username and email address is
> that it assigns the correct Org based on the costCenter attribute
> which is mapped to program in my CSV and also assigns a role,
>
>
>
> On Wed, Dec 10, 2014 at 1:18 PM, Ivan Noris <ivan.noris at evolveum.com
> <mailto:ivan.noris at evolveum.com>> wrote:
>
> Hi Jason,
>
> this is interesting: it seems to work:
>
> Right now I have resource with object template reference in
> unmatched action:
> . . .
> <reaction>
> <situation>unmatched</situation>
> <objectTemplateRef
> oid="10000000-0000-0000-1111-000000000203"/>
> <action
> ref="http://midpoint.evolveum.com/xml/ns/public/model/action-3#addUser"
> <http://midpoint.evolveum.com/xml/ns/public/model/action-3#addUser>/>
> </reaction>
> . . .
>
> The template:
> <objectTemplate
> xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
> oid="10000000-0000-0000-1111-000000000203"
> version="2">
> <name>Default User Template (VIX)</name>
> <iteration>
> <maxIterations>999</maxIterations>
> <tokenExpression>
> <script>
> <code>
> if (iteration == 0) {
> return "";
> } else {
> return "" + (iteration+1)
> }
> </code>
> </script>
> </tokenExpression>
> </iteration>
> <mapping>
> <name>Generate Username</name>
> <source>
> <name>tmpGivenName</name>
> <c:path
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>givenName</c:path>
> </source>
> <source>
> <name>tmpFamilyName</name>
> <c:path
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>familyName</c:path>
> </source>
> <expression>
> <script>
> <code>
> tmpGivenNameInitial =
> basic.stringify(tmpGivenName)?.size() > 0 ?
> (basic.stringify(tmpGivenName)).substring(0,2) : ''
> if (iteration == 0) {
> basic.norm(basic.stringify(tmpGivenNameInitial
> + tmpFamilyName))
> }
> else {
> basic.norm(basic.stringify(tmpGivenNameInitial
> + tmpFamilyName)) + iterationToken
> }
> </code>
> </script>
> </expression>
> <target>
> <c:path
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>name</c:path>
> </target>
> </mapping>
> <mapping>
> <source>
> <c:path
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>$user/name</c:path>
> </source>
> <source>
> <c:path
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>$user/emailAddress</c:path>
> </source>
> <expression>
> <script>
>
> <language>http://midpoint.evolveum.com/xml/ns/public/expression/language#Groovy</language>
> <code>name+'@bshp.edu <mailto:name%2B%27 at bshp.edu>'</code>
> </script>
> </expression>
> <target>
> <c:path
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>emailAddress</c:path>
> </target>
> </mapping>
> </objectTemplate>
>
> The CSV entry:
> employeeID,firstname,lastname,otherMailbox,program,organization
> "papecok4","Andrej","Papecok","papecok4","xxx","MyOrg"
>
> MidPoint User after sync:
> <user
> xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
> oid="93b18a69-f030-4164-9cef-ef955233b2bc"
> version="1">
> <name>anpapecok4</name>
> . . .
> <iteration>3</iteration>
> <iterationToken>4</iterationToken>
> <givenName>Andrej</givenName>
> <familyName>Papecok</familyName>
> * <emailAddress>anpapecok4 at bshp.edu
> <mailto:anpapecok4 at bshp.edu></emailAddress>*
> <employeeNumber>papecok4</employeeNumber>
> . . .
> </user>
>
> This is midPoint git-v3.0.1devel-704-g0937a70
>
> Can you see any difference with your config...?
>
> Regards,
> Ivan
>
>
> On 12/10/2014 05:13 PM, Jason Everling wrote:
>> So I disabled or removed that template from the resource
>> reactions, I set it as the default template is sysconfig.
>>
>> It still does it, <emailAddress>null at domain.com
>> <mailto:null at domain.com></emailAddress> seems to be affected,
>>
>> Wierd though, I turned on debugging,
>>
>> It shows the attribute being created correctly, you can see from
>> the log but in the gui and in the user xml it is null at domain.com
>> <mailto:null at domain.com>
>>
>> ObjectDelta<UserType>(UserType:ab907de7-4302-47ef-8003-36959fc842ef,ADD):
>> user: (ab907de7-4302-47ef-8003-36959fc842ef, v0, UserType)
>> extension:
>> otherMailbox: [ hhernandez at local.org
>> <mailto:hhernandez at local.org> ]
>> eduPersonAffiliation: [ student ]
>> givenName: Herman
>> familyName: Hernandes
>> costCenter: PN
>> employeeNumber: HE5019982
>> credentials:
>> password:
>> value:
>> ProtectedStringType(encrypted=EncryptedDataType(encryptionMethod=EncryptionMethodType(algorithm=http://www.w3.org/2001/04/xmlenc#aes128-cbc),
>> keyInfo=KeyInfoType(keyName=HiCJvCmeUCWoiEl3d+uXyd2VeYs=),
>> cipherData=CipherDataType(cipherValue=[32 bytes])))
>> activation:
>> administrativeStatus: ENABLED
>> effectiveStatus: ENABLED
>> enableTimestamp: 2014-12-10T10:07:21.502-06:00
>> emailAddress: hehernandes at domain.com
>> <mailto:hehernandes at domain.com>
>> name: hehernandes
>> employeeType: [ A2S ]
>> locale: US
>> organization: [ OU=DPN,OU=SHP Students,DC=TEST,DC=LOCAL ]
>> locality: San Antonio
>> fullName: Herman Hernandes
>> iteration: 0
>>
>> On Wed, Dec 10, 2014 at 9:46 AM, Ivan Noris
>> <ivan.noris at evolveum.com <mailto:ivan.noris at evolveum.com>> wrote:
>>
>> Jason,
>>
>> I believe I have seen this couple of weeks ago when debugging
>> the iterator problem... seems that I've forgotten about this.
>>
>> But as far I can remember, it has worked when the mapping was
>> in global system template instead of the resource-referenced.
>>
>> If you can temporarily disable using of the template in
>> resource and set the same template in System Configuration
>> for UserType objects, can you please test the behaviour?
>>
>> Anyway it seems to be a bug, so after you could confirm the
>> behaviour, I'd create a new issue.
>>
>> Thanks,
>> I.
>>
>>
>> On 12/10/2014 04:32 PM, Jason Everling wrote:
>>> Since I upgraded to 3.1 and I am not sure if this is related
>>> to the other CSV Resource issue.
>>>
>>> Here is the mapping for the template, it worked fine in
>>> 3.0.1 so I do not know if anything changed, the email
>>> address is built using name + '@domain.com
>>> <http://domain.com>' but when the user is created I get
>>> null at domain.com <mailto:null at domain.com>, like it is not
>>> picking up the username from the first mapping
>>>
>>> <mapping>
>>> <name>Generate Username for CSV</name>
>>> <source>
>>> <name>tmpGivenName</name>
>>> <path>givenName</path>
>>> </source>
>>> <source>
>>> <name>tmpFamilyName</name>
>>> <path>familyName</path>
>>> </source>
>>> <!-- Will generate username in the filastname format
>>> with iterator,
>>> filastname
>>> filastname2
>>> -->
>>> <expression>
>>> <script>
>>> <code>
>>> tmpGivenNameInitial =
>>> basic.stringify(tmpGivenName)?.size() > 0 ?
>>>
>>> (basic.stringify(tmpGivenName)).substring(0,2) : ''
>>> if (iteration == 0) {
>>>
>>> basic.norm(basic.stringify(tmpGivenNameInitial + tmpFamilyName))
>>> }
>>> else {
>>>
>>> basic.norm(basic.stringify(tmpGivenNameInitial +
>>> tmpFamilyName)) + iterationToken
>>> }
>>> </code>
>>> </script>
>>> </expression>
>>> <target>
>>> <path>name</path>
>>> </target>
>>> </mapping>
>>>
>>> <iteration>
>>> <maxIterations>25</maxIterations>
>>> <tokenExpression>
>>> <script>
>>> <code>
>>> if (iteration == 0) {
>>> return "";
>>> } else {
>>> return "" + (iteration+1)
>>> }
>>> </code>
>>> </script>
>>> </tokenExpression>
>>> </iteration>
>>>
>>> <mapping>
>>> <source>
>>> <path>$user/name</path>
>>> </source>
>>> <expression>
>>> <script>
>>>
>>> <language>http://midpoint.evolveum.com/xml/ns/public/expression/language#Groovy</language>
>>> <code>name + '@domain.com
>>> <http://domain.com>'</code>
>>> </script>
>>> </expression>
>>> <target>
>>> <path>emailAddress</path>
>>> </target>
>>> </mapping>
>>>
>>>
>>>
>>>
>>> CONFIDENTIALITY NOTICE:
>>> This e-mail together with any attachments is proprietary and
>>> confidential; intended for only the recipient(s) named above
>>> and may contain information that is privileged. You should
>>> not retain, copy or use this e-mail or any attachments for
>>> any purpose, or disclose all or any part of the contents to
>>> any person. Any views or opinions expressed in this e-mail
>>> are those of the author and do not represent those of the
>>> Baptist School of Health Professions. If you have received
>>> this e-mail in error, or are not the named recipient(s), you
>>> are hereby notified that any review, dissemination,
>>> distribution or copying of this communication is prohibited
>>> by the sender and to do so might constitute a violation of
>>> the Electronic Communications Privacy Act, 18 U.S.C. section
>>> 2510-2521. Please immediately notify the sender and delete
>>> this e-mail and any attachments from your computer.
>>>
>>>
>>> _______________________________________________
>>> midPoint mailing list
>>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>> --
>> Ing. Ivan Noris
>> Senior Identity Management Engineer
>> evolveum.com <http://evolveum.com> evolveum.com/blog/ <http://evolveum.com/blog/>
>> _____________________________________________
>> "Semper Id(e)M Vix."
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>>
>>
>>
>> CONFIDENTIALITY NOTICE:
>> This e-mail together with any attachments is proprietary and
>> confidential; intended for only the recipient(s) named above and
>> may contain information that is privileged. You should not
>> retain, copy or use this e-mail or any attachments for any
>> purpose, or disclose all or any part of the contents to any
>> person. Any views or opinions expressed in this e-mail are those
>> of the author and do not represent those of the Baptist School of
>> Health Professions. If you have received this e-mail in error, or
>> are not the named recipient(s), you are hereby notified that any
>> review, dissemination, distribution or copying of this
>> communication is prohibited by the sender and to do so might
>> constitute a violation of the Electronic Communications Privacy
>> Act, 18 U.S.C. section 2510-2521. Please immediately notify the
>> sender and delete this e-mail and any attachments from your
>> computer.
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>
> --
> Ing. Ivan Noris
> Senior Identity Management Engineer
> evolveum.com <http://evolveum.com> evolveum.com/blog/ <http://evolveum.com/blog/>
> _____________________________________________
> "Semper Id(e)M Vix."
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
>
>
> CONFIDENTIALITY NOTICE:
> This e-mail together with any attachments is proprietary and
> confidential; intended for only the recipient(s) named above and may
> contain information that is privileged. You should not retain, copy or
> use this e-mail or any attachments for any purpose, or disclose all or
> any part of the contents to any person. Any views or opinions
> expressed in this e-mail are those of the author and do not represent
> those of the Baptist School of Health Professions. If you have
> received this e-mail in error, or are not the named recipient(s), you
> are hereby notified that any review, dissemination, distribution or
> copying of this communication is prohibited by the sender and to do so
> might constitute a violation of the Electronic Communications Privacy
> Act, 18 U.S.C. section 2510-2521. Please immediately notify the sender
> and delete this e-mail and any attachments from your computer.
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
--
Ing. Ivan Noris
Senior Identity Management Engineer
evolveum.com evolveum.com/blog/
_____________________________________________
"Semper Id(e)M Vix."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20141210/57db925a/attachment.htm>
More information about the midPoint
mailing list