[midPoint] Object Sync condition - check user's existence

Ana Pereyra apereyra at identicum.com
Mon Oct 24 22:23:10 CEST 2016 

Hi Gustav, thank you very much for your answer.

I tried your solution and added this code to my
objectSynchronization/condition node:

*                  shadowUid = basic.getIdentifierValue(shadow);*
*                  userInMPQuery = QueryBuilder.queryFor(UserType.class,
midpoint.getPrismContext())*
*                    .item(UserType.F_NAME).eq(shadowUid)*
*                    .build();*
*                  userInMP = midpoint.searchObjects(UserType.class,
userInMPQuery);*
*                  isInMP = userInMP?.size()>0 ? true : false;*

I'm getting the following error:

*Caused by: java.lang.IllegalArgumentException: Operation result must not
be null.*
*        at org.apache.commons.lang.Validate.notNull(Validate.java:192)
~[commons-lang-2.6.jar:2.6]*
*        at
com.evolveum.midpoint.model.impl.controller.ModelController.searchObjects(ModelController.java:743)
[model-impl-3.4.jar:na]*
*        at
com.evolveum.midpoint.model.impl.expr.MidpointFunctionsImpl.searchObjects(MidpointFunctionsImpl.java:912)
~[model-impl-3.4.jar:na]*
*        at
com.evolveum.midpoint.model.api.expr.MidpointFunctions$searchObjects.call(Unknown
Source) ~[na:na]*
*        at
org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:45)
~[groovy-all-2.4.0.jar:2.4.0]*
*        at
org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)
~[groovy-all-2.4.0.jar:2.4.0]*
*        at
org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:128)
~[groovy-all-2.4.0.jar:2.4.0]*
*        at Script33.run(Script33.groovy:19) ~[na:na]*
*        at
org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:344)
~[groovy-all-2.4.0.jar:2.4.0]*
*        ... 108 common frames omitted*

And this is the query that's allocated in '*userInMPQuery'*:

2016-10-24 17:07:59,075 [] [http-bio-8080-exec-3] ERROR
(com.evolveum.midpoint.expression): Query debug: Filter:
  EQUAL:
    PATH: name
    DEF: PPD:{.../common/common-3}name {
http://prism.evolveum.com/xml/ns/public/types-3}PolyStringType[0,1],RAM
    VALUE:
      userName
Paging: null

Any ideas what this could be? I couldn't find a reason for this behaviour.
Thanks in advance.

Regards


2016-10-24 14:32 GMT-03:00 Pálos Gustáv <gustav.palos at evolveum.com>:

> Hi Ana,
>
> I'm using for similar use case this condition in objectSynchronization:
>
>             <condition>
>                 <script>
>                     <code>
>       import com.evolveum.midpoint.xml.ns._public.common.common_3.
> UserType;
>       import com.evolveum.midpoint.prism.query.builder.QueryBuilder;
>       import com.evolveum.midpoint.prism.path.ItemPath;
>
>                         STATUSS = basic.getAttributeValue(shadow,
> 'STATUSS')
>
>                         toImport = STATUSS == '01'
>
> // find user in MP, if exists syncronize it also
>                         log.info('shadow {}', shadow.asPrismObject().
> debugDump())
>                         activation = shadow.getActivation()
>                         shadowUid = basic.getIdentifierValue(shadow);
>                userInMPQuery = QueryBuilder.queryFor(UserType.class,
> midpoint.getPrismContext()).item(UserType.F_EMPLOYEE_
> NUMBER).eq(shadowUid).and().item(UserType.F_EMPLOYEE_TYPE)
> .eq("pavs").build()
>                userInMP = midpoint.searchObjects(UserType, userInMPQuery);
>                isInMP = userInMP?.size()>0 ? true : false;
>                log.info('isInMP: '+isInMP);
>
>
>                         toImport = isInMP || toImport;
>
>                         return toImport;
>                     </code>
>                 </script>
>             </condition>
>
> In my case I need to have status=='01' (enabled), or already imported
> (variable isInMP)
>
> Gustav
>
>
> 2016-10-24 19:21 GMT+02:00 Ana Pereyra <apereyra at identicum.com>:
>
>> Hi everybody.
>>
>> I have the following issue: I need to import users from two different
>> database table resources. The problem is that I don't want to create in
>> mipoint every user in the tables, I will create a user in midpoint only if
>> the database field value that sets the validTo date attribute is lower than
>> the current date.
>>
>> But that's for the creation only, if the user already exists in midpoint,
>> I want to link the account to that user, no matter if the validTo date is
>> lower than the current date or not (because maybe I have to update the
>> validTo date to disable the user).
>>
>> I think I'll need some way to check if the user already exists in the
>> synchronization/objectSynchronization/condition. Can anyone help me with
>> this? Is this possible?
>> Thank you very much.
>>
>> Regards
>>
>> --
>> *Ana Pereyra*
>>  Identicum S.A.
>>
>> *Jorge Newbery 3226, ArgentinaTel: +54 (11) **4552.3050*
>> *apereyra at identicum.com <apereyra at identicum.com>*
>> www.identicum.com
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>
>
> --
> Gustáv Pálos
> Identity Engineer
> evolveum.com
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>


-- 
*Ana Pereyra*
 Identicum S.A.

*Jorge Newbery 3226, ArgentinaTel: +54 (11) **4552.3050*
*apereyra at identicum.com <apereyra at identicum.com>*
www.identicum.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20161024/fb2b080c/attachment.htm>

More information about the midPoint mailing list