[midPoint] User activation by HR data with manual override possibility
Pálos Gustáv
gustav.palos at evolveum.com
Mon Jan 16 15:35:15 CET 2017
do you use midPoing 3.5?
We has a bug with this problem in older versions...
2017-01-16 15:33 GMT+01:00 Aivo Kuhlberg <aivo.kuhlberg at rmit.ee>:
> Hi Gustav,
> import namespace statement solved the problem. Now the attribute is loaded
> but I am facing next problem - I see in GUI attribute
> overrideAdministrativeStatus and I can change its values but it does not
> show the correct values in user GUI. When I look at the database then I see
> that the value has changed (eg 'disabled') but in GUI it shows always the
> value "Undefined":
>
>
>
>
> I tried to create manually the lookup table for that attribute and link
> it in user template with valueEnumerationRef but seems that it does not
> work this way either.
>
>
> Best regards,
>
> Aivo
> ------------------------------
> *Saatja:* midPoint <midpoint-bounces at lists.evolveum.com> nimelPálos
> Gustáv <gustav.palos at evolveum.com>
> *Saadetud:* 16. jaanuar 2017 11:42
>
> *Adressaat:* midPoint General Discussion
> *Teema:* Re: [midPoint] User activation by HR data with manual override
> possibility
>
> Hi,
>
> please check your schema if has this at the beginning:
>
> <xsd:schema elementFormDefault="qualified"
> targetNamespace="http://evolveum.com/evolutiongaming"
> xmlns:tns="http://evolveum.com/evolutiongaming"
> xmlns:a="http://prism.evolveum.com/xml/ns/public/annotation-3"
> *
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>"*
> xmlns:xsd="http://www.w3.org/2001/XMLSchema">
> *<xsd:import
> namespace="http://midpoint.evolveum.com/xml/ns/public/common/common-3
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>"/>*
> ...
>
> Best regards,
>
> Gustav
>
> 2017-01-16 10:18 GMT+01:00 Aivo Kuhlberg <aivo.kuhlberg at rmit.ee>:
>
>> Hi Gustav,
>>
>> That is very compact and elegant solution. Unfortunately when I tried to
>> implement that by adding first parameter overrideAdministrativeStatus to
>> userExtension.xsd file I ran into the schema extension error:
>>
>>
>> 2017-01-16 11:09:06,737 [] [localhost-startStop-1] ERROR
>> (com.evolveum.midpoint.prism.schema.SchemaHandler): Error occured during
>> schema parsing: [Error] on line 120 at file:///home/mpdev/SystemId, null
>> undefined simple or complex type 'c:ActivationStatusType'
>> 2017-01-16 11:09:06,738 [] [localhost-startStop-1] WARN
>> (org.springframework.web.context.support.XmlWebApplicationContext):
>> Exception encountered during context initialization - cancelling refresh
>> attempt: org.springframework.beans.factory.BeanCreationException: Error
>> creating bean with name 'repositoryFactory': Injection of autowired
>> dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException:
>> Could not autowire field: private com.evolveum.midpoint.prism.PrismContext
>> com.evolveum.midpoint.init.RepositoryFactory.prismContext; nested
>> exception is org.springframework.beans.factory.BeanCreationException:
>> Error creating bean with name 'prismContext' defined in class path resource
>> [ctx-configuration.xml]: Bean instantiation via factory method failed;
>> nested exception is org.springframework.beans.BeanInstantiationException:
>> Failed to instantiate [com.evolveum.midpoint.prism.PrismContext]:
>> Factory method 'createInitializedPrismContext' threw exception; nested
>> exception is com.evolveum.midpoint.util.exception.SchemaException: XML
>> error during XSD schema parsing: undefined simple or complex type
>> 'c:ActivationStatusType'(embedded exception null) in file
>> /home/mpdev/midpoint-data/schema/userExtension.xsd
>> 2017-01-16 11:09:06,760 [] [localhost-startStop-1] ERROR
>> (org.springframework.web.context.ContextLoader): Context initialization
>> failed
>> org.springframework.beans.factory.BeanCreationException: Error creating
>> bean with name 'repositoryFactory': Injection of autowired dependencies
>> failed; nested exception is org.springframework.beans.factory.BeanCreationException:
>> Could not autowire field: private com.evolveum.midpoint.prism.PrismContext
>> com.evolveum.midpoint.init.RepositoryFactory.prismContext; nested
>> exception is org.springframework.beans.factory.BeanCreationException:
>> Error creating bean with name 'prismContext' defined in class path resource
>> [ctx-configuration.xml]: Bean instantiation via factory method failed;
>> nested exception is org.springframework.beans.BeanInstantiationException:
>> Failed to instantiate [com.evolveum.midpoint.prism.PrismContext]:
>> Factory method 'createInitializedPrismContext' threw exception; nested
>> exception is com.evolveum.midpoint.util.exception.SchemaException: XML
>> error during XSD schema parsing: undefined simple or complex type
>> 'c:ActivationStatusType'(embedded exception null) in file
>> /home/mpdev/midpoint-data/schema/userExtension.xsd
>>
>> I think the parameter type="c:ActivationStatusType" is causing this
>> error. I tried to change it to type="xsd:ActivationStatusType" but this
>> did not help either. Do you have any ideas how to fix that?
>>
>>
>> Best regards,
>>
>> Aivo
>> ------------------------------
>> *Saatja:* midPoint <midpoint-bounces at lists.evolveum.com> nimelPálos
>> Gustáv <gustav.palos at evolveum.com>
>> *Saadetud:* 16. jaanuar 2017 9:41
>> *Adressaat:* midPoint General Discussion
>> *Teema:* Re: [midPoint] User activation by HR data with manual override
>> possibility
>>
>> Hi Aivo,
>>
>> I created in one project extension/overrideAdministrativeStatus user
>> schema extension and when it is enabled or disabled, I use this value over
>> object template user, elsewhere keep as is from
>> activation/administrativeStatus.
>>
>> <xsd:element name="overrideAdministrativeStatus"
>> type="c:ActivationStatusType" minOccurs="0">
>> <xsd:annotation>
>> <xsd:appinfo>
>> <a:indexed>true</a:indexed>
>> <a:displayName>Override Administrative
>> status</a:displayName>
>> <a:displayOrder>900</a:displayOrder>
>> </xsd:appinfo>
>> <xsd:documentation>
>> If this is filled, override administrative status
>> from HR calculated from status.
>> If you use this, please write to description a
>> reason, why you do this (for example: She works on maternity leave).
>> </xsd:documentation>
>> </xsd:annotation>
>> </xsd:element>
>>
>> <mapping>
>> <name>Override administrative status if needed</name>
>> <strength>strong</strength>
>> <source>
>> <path>$user/activation/administrativeStatus</path>
>> </source>
>> <source>
>> <path>$user/extension/overrideAdministrativeStatus</path>
>> </source>
>> <expression>
>> <script>
>> <code>
>> if (overrideAdministrativeStatus!=null) {
>> return overrideAdministrativeStatus;
>> }
>> return administrativeStatus;
>> </code>
>> </script>
>> </expression>
>> <target> <!-- need both administrativeStatus & effectiveStatus also -->
>> <path>$user/activation/administrativeStatus</path>
>> </target>
>> <condition>
>> <script>
>> <language>http://midpoint.evolveum.com/xml/ns/public/express
>> ion/language#Groovy</language>
>> <code>overrideAdministrativeStatus !=null</code>
>> </script>
>> </condition>
>> </mapping>
>>
>>
>> Best regards,
>>
>> Gustav
>>
>> 2017-01-16 8:32 GMT+01:00 Aivo Kuhlberg <aivo.kuhlberg at rmit.ee>:
>>>
>>>> Hi,
>>>>
>>>> I want to implement midPoint user activation mechanism based on HR
>>>> resource user account field value with manual GUI override possibility.
>>>> When the HR resource field "status" has value "WRS" (work relationship
>>>> stopped) then the midPoint user should be disabled, otherwise user should
>>>> be enabled. However, I need also possibility to manually override current
>>>> midPoint user activation value.
>>>> I tried implemented inbound activation for HR resource (like
>>>> https://github.com/Evolveum/midpoint/blob/master/samples/demo/hr.xml)
>>>> and it works - When I set HR user status to value "WRS" then midPoint
>>>> user's administrative status is changed to state Disabled. I can also
>>>> manually enable disabled user if needed in administration GUI. But the
>>>> problem here is that both HR resource and admin gui have the same access to
>>>> user's administrativeStatus value - I can change the user status in GUI but
>>>> whenever the HR user data is changed then it changes also
>>>> administrativeStatus back to value depanding on status field. Any ideas,
>>>> how should I implement disabling/enabling of user based on HR data with
>>>> manual user activation override possibility?
>>>> Thanks,
>>>> Aivo Kuhlberg
>>>>
>>>> ------------------------------
>>>> Käesolev e-kiri võib sisaldada asutusesiseseks kasutamiseks tunnistatud
>>>> teavet.
>>>> This e-mail may contain information which is classified for official
>>>> use.
>>>>
>>>> _______________________________________________
>>>> midPoint mailing list
>>>> midPoint at lists.evolveum.com
>>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>>
>>>>
>>>
>>>
>>> --
>>> s pozdravom
>>>
>>> Gustáv Pálos
>>>
>>
>>
>>
>> --
>> Gustáv Pálos
>> Identity Engineer
>> evolveum.com
>>
>> ------------------------------
>> Käesolev e-kiri võib sisaldada asutusesiseseks kasutamiseks tunnistatud
>> teavet.
>> This e-mail may contain information which is classified for official use.
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>
>
> --
> Gustáv Pálos
> Identity Engineer
> evolveum.com
>
> ------------------------------
> Käesolev e-kiri võib sisaldada asutusesiseseks kasutamiseks tunnistatud
> teavet.
> This e-mail may contain information which is classified for official use.
>
--
Gustáv Pálos
Identity Engineer
evolveum.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170116/0124527b/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OAS_values.png
Type: image/png
Size: 3637 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170116/0124527b/attachment.png>
More information about the midPoint
mailing list