[midPoint] ScriptedSQL connector: multiple group types

Wojciech Staszewski wojciech.staszewski at diagnostyka.pl
Mon Dec 19 21:53:58 CET 2016 

Thanks!

So then, it shouldn't be so hard.
Best regards!

Dnia poniedziałek, 19 grudnia 2016 20:38:42 CET Pavol Mederly pisze:
> Wojciech,
> 
> I think your original idea is OK. You can create multiple types - i.e. 
> object classes - in SchemaScript for your groups. Like Group1, Group2, 
> ..., BlueGroup, RedGroup, GreenGroup, ..., DatabaseRole, 
> ApplicationModule, Workplace. Anything you want. As soon as you 
> consistently refer to them in all your scripts.
> 
> And yes, you then map these object classes to midPoint terms: 
> kind/intent; kind being entitlement in this case, and intents as you 
> like. For example, databaseRole, applicationModule, or workplace.
> 
> Pavol Mederly
> Software developer
> evolveum.com
> 
> On 19.12.2016 20:25, Wojciech Staszewski wrote:
> > Hello!
> >
> > Jokes are over. My first scriptedSQL connector works like a charm (Zabbix account with group membership), so it is time for something more sophisticated.
> > I've got a system, where user's access rights are set by 3 different memberships.
> > First membership are database roles.
> > Second are application modules available for user.
> > Third type are "workplaces" (with time constraints).
> > These 3 memberships are independent, each user can have for example 3 roles, 12 enabled modules and 5 workplaces.
> >
> > I thought that I can do multiple group types in SchemaScript and distinguish them by "intent".
> > But I can't do this. I can declare only 1 CustomGroupObjectClass...
> > Any advice? Thanks and regards,
> > WS :)
> >
> > _______________________________________________
> > midPoint mailing list
> > midPoint at lists.evolveum.com
> > http://lists.evolveum.com/mailman/listinfo/midpoint
> 
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
> 


-- 
Wojciech Staszewski
Administrator Systemów Sieciowych
Dział IT
DIAGNOSTYKA 
Spółka z ograniczoną odpowiedzialnością 
ul. Prof. M. Życzkowskiego 16, 31-864 Kraków
tel.: +48 12 295 01 00
fax: +48 12 295 01 02 
tel. kom: 663 680 236
www.diag.pl
DIAGNOSTYKA Spółka z ograniczoną odpowiedzialnością ul. Prof. M. Życzkowskiego 16, 31-864 Kraków; 
KRS: Sąd Rejonowy dla Krakowa-Śródmieścia w Krakowie, XI Wydział Gospodarczy Krajowego KRS: 0000381559; NIP: 675-12-65-009; REGON: 356366975, Kapitał zakładowy: 33 252 500 zł.

More information about the midPoint mailing list