[midPoint] catch delta events in template
Roman Pudil - AMI Praha a.s.
roman.pudil at ami.cz
Tue Apr 12 10:10:12 CEST 2016
Hi Pavol,
I am sorry.
Goal: If attribute $user/extension/currentADDisplayName is changed, then
search user with the same currentADDisplayName attribute value - only
with new value, not with old/removed value (duplicity); If found, then
throw exeption, else save new value.
Problem: This code is always performed, even if the attribute
$user/extension/currentADDisplayName does not change.
My suggestion: Check, if $user/extension/currentADDisplayName currently
changing. It is OK?
PS: It is some way to show some "alert window" in groovy similar to
javascript alert window?
<mapping>
<name>AD Display Name</name>
<strength>normal</strength>
<source>
<c:path>$user/name</c:path>
</source>
<source>
<c:path>$user/extension/currentADDisplayName</c:path>
</source>
<expression>
<script>
<relativityMode>relative</relativityMode>
<language>http://midpoint.evolveum.com/xml/ns/public/expression/language#Groovy</language>
<code>
import java.text.Normalizer;
import javax.xml.namespace.QName;
import com.evolveum.midpoint.prism.query.ObjectQuery;
import
com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowKindType;
import
com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
import com.evolveum.midpoint.prism.query.EqualFilter;
import com.evolveum.midpoint.prism.query.AndFilter;
import com.evolveum.midpoint.prism.query.NotFilter;
import com.evolveum.midpoint.prism.path.ItemPath;
import com.evolveum.midpoint.prism.PrismConstants;
import
com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType;
import
com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType;
import
com.evolveum.prism.xml.ns._public.types_3.PolyStringType;
import
com.evolveum.prism.xml.ns._public.types_3.ObjectReferenceType;
import com.evolveum.midpoint.schema.SelectorOptions;
import com.evolveum.midpoint.schema.GetOperationOptions;
import
com.evolveum.midpoint.model.api.PolicyViolationException;
import com.evolveum.midpoint.prism.polystring.PolyString;
// vyhledat duplicitu na currentADDisplayName
// ------------ needs to be edited -----------------
searchAttrName = "currentADDisplayName"; // name of
attribute to search
searchAttrValue = currentADDisplayName; // value of
attribute to search (filled from definition in "source" path above)
searchAttrUserName = "name"; // name of attribute to
search
searchAttrUserValue = name; // value of attribute to
search (filled from definition in "source" path above)
// ------------ needs to be edited (END) -----------------
boolean isNew =
com.evolveum.midpoint.model.common.expression.script.ScriptExpressionEvaluationContext.getThreadLocal().isEvaluateNew();
if (isNew && !basic.isEmpty(searchAttrValue)) {
def filters = [];
filters.add(NotFilter.createNot(EqualFilter.createEqual(new ItemPath(new
QName(searchAttrUserName)),
user.asPrismObject().getDefinition().findPropertyDefinition(new
QName(searchAttrUserName)), null, searchAttrUserValue)));
filters.add(EqualFilter.createEqual(new ItemPath(new
ItemPath(PrismConstants.EXTENSION_LOCAL_NAME), new
QName('http://ami.cz/xml/ns/userExtension', searchAttrName)),
user.asPrismObject().getExtension().getDefinition().findPropertyDefinition(new
QName(searchAttrName)), null, new String(searchAttrValue)));
filter = AndFilter.createAnd(filters);
// use midPoint Library method "searchObjects"
allUsers = midpoint.searchObjects(UserType.class,
ObjectQuery.createObjectQuery(filter));
if (allUsers.size() > 0 ) {
allUsers.each {
throw new
com.evolveum.midpoint.model.api.PolicyViolationException('>>>>>
Duplicitní AD Display Name ' + currentADDisplayName + ', toto Display
Name má již uživatel ' + it?.getName() + '. <<<<<');
}
} else {
return currentADDisplayName;
}
}
</code>
</script>
</expression>
<target>
<c:path>$user/extension/currentADDisplayName</c:path>
</target>
<condition>
<script>
<code>!basic.isEmpty(basic.stringify(currentADDisplayName))</code>
</script>
</condition>
<evaluationPhase>afterAssignments</evaluationPhase>
</mapping>
Regards
Roman Pudil
Roman Pudil
solution architect
gsm: [+420] 775 663 666
e-mail: roman.pudil at ami.cz
AMI Praha a.s.
Pláničkova 11
162 00 Praha 6
tel./fax: [+420] 274 783 239
web: www.ami.cz
Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za
společnost AMI Praha a.s.
jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít
výhradně písemnou formu.
------ Původní zpráva ------
Od: "Pavol Mederly" <mederly at evolveum.com>
Komu: midpoint at lists.evolveum.com
Odesláno: 12.4.2016 6:35:59
Předmět: Re: [midPoint] catch delta events in template
>Hello Roman,
>
>I'm not sure I understand what you're trying to achieve.
>
>Do you want to do something like this?
>
>" IF attribute X was changed
> THEN do something with attribute Y ?"
>
>Could you provide a more specific description, please?
>
>Best regards,
>Pavol
>
>
>On 11.04.2016 16:21, Roman Pudil - AMI Praha a.s. wrote:
>>Hi Ivan,
>>once more:
>>How to get (or check) in user template, that current attribute is
>>changing? How to do it? Some code about deltas?
>>
>>Your script about "isNew" variable (see later) evaluates attribute
>>every time when user object is changed (without changing this
>>attribute).
>>
>>Thanks!
>>Regards
>>
>>Roman Pudil
>>solution architect
>>
>>gsm: [+420] 775 663 666
>>e-mail: roman.pudil at ami.cz
>>
>>
>>AMI Praha a.s.
>>Pláničkova 11
>>162 00 Praha 6
>>tel./fax: [+420] 274 783 239
>>web: www.ami.cz
>>
>>
>>
>>
>>
>>Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za
>>společnost AMI Praha a.s.
>>jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít
>>výhradně písemnou formu.
>>
>>
>>
>>------ Původní zpráva ------
>>Od: "Roman Pudil - AMI Praha a.s." <roman.pudil at ami.cz>
>>Komu: "midPoint General Discussion" <midpoint at lists.evolveum.com>
>>Odesláno: 7.4.2016 13:15:00
>>Předmět: Re[2]: [midPoint] catch delta events in template
>>
>>>Thanks! This works!
>>>
>>>
>>>Roman Pudil
>>>solution architect
>>>
>>>gsm: [+420] 775 663 666
>>>e-mail: roman.pudil at ami.cz
>>>
>>>
>>>AMI Praha a.s.
>>>Pláničkova 11
>>>162 00 Praha 6
>>>tel./fax: [+420] 274 783 239
>>>web: http://www.ami.cz/
>>>
>>>
>>>
>>>
>>>
>>>Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za
>>>společnost AMI Praha a.s.
>>>jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít
>>>výhradně písemnou formu.
>>>
>>>
>>>
>>>------ Původní zpráva ------
>>>Od: "Ivan Noris" <ivan.noris at evolveum.com>
>>>Komu: midpoint at lists.evolveum.com
>>>Odesláno: 7.4.2016 11:51:30
>>>Předmět: Re: [midPoint] catch delta events in template
>>>
>>>>Hi Roman,
>>>>
>>>>I was using this in user template to copy each change of
>>>>emailAddress attribute, i.e. only new addresses entered there, to
>>>>extended attribute allMailAddresses (to keep all previous
>>>>addresses):
>>>>
>>>> <mapping>
>>>> <name>copy emailAddress on change</name>
>>>> <source>
>>>> <path>$user/employeeType</path>
>>>> </source>
>>>> <source>
>>>> <path>$user/emailAddress</path>
>>>> </source>
>>>> <expression>
>>>> <script>
>>>> <code>
>>>>boolean isNew =
>>>>com.evolveum.midpoint.model.common.expression.script.ScriptExpressionEvaluationContext.getThreadLocal().isEvaluateNew()
>>>>if (isNew && !basic.isEmpty(emailAddress)) return
>>>>emailAddress
>>>> </code>
>>>> </script>
>>>> </expression>
>>>> <target>
>>>> <path>$user/extension/allMailAddresses</path>
>>>> </target>
>>>> <condition>
>>>> <script>
>>>> <code>employeeType == 'EMP' || employeeType ==
>>>>'EXT'</code>
>>>> </script>
>>>> </condition>
>>>> <evaluationPhase>afterAssignments</evaluationPhase>
>>>> </mapping>
>>>>
>>>>Regards,
>>>>Ivan
>>>>
>>>>
>>>>On 04/07/2016 11:45 AM, Roman Pudil - AMI Praha a.s. wrote:
>>>>>Hi all,
>>>>>
>>>>>how to catch delta events in user template (similar "events"
>>>>>objects in notifications)?
>>>>>
>>>>>Situation - example:
>>>>>User has familyName = "oldFamilyName"
>>>>>Helpdesk Operator change familyname (in GUI) from "oldFamilyName"
>>>>>to "newFamilyName"
>>>>>I need catch (probably in User Template?) ONLY new value
>>>>>"newFamilyName" and operate with this.
>>>>>Thanks!
>>>>>
>>>>>Regards
>>>>>
>>>>>Roman Pudil
>>>>>
>>>>>Roman Pudil
>>>>>solution architect
>>>>>
>>>>>gsm: [+420] 775 663 666
>>>>>e-mail: roman.pudil at ami.cz
>>>>>
>>>>>
>>>>>AMI Praha a.s.
>>>>>Pláničkova 11
>>>>>162 00 Praha 6
>>>>>tel./fax: [+420] 274 783 239
>>>>>web: http://www.ami.cz/
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá
>>>>>za společnost AMI Praha a.s.
>>>>>jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít
>>>>>výhradně písemnou formu.
>>>>>
>>>>>
>>>>>
>>>>>_______________________________________________ midPoint mailing
>>>>>list
>>>>>midPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>>>>
>>>>-- Ing. Ivan Noris Senior Identity Management Engineer & IDM
>>>>Architect evolveum.com evolveum.com/blog/
>>>>___________________________________________________ "Semper ID(e)M
>>>>Vix."
>>
>>
>>_______________________________________________ midPoint mailing list
>>midPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160412/97ab1a0d/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4060 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160412/97ab1a0d/attachment.bin>
More information about the midPoint
mailing list