[midPoint] Expression - need a little help with "get role members"

Pavol Mederly mederly at evolveum.com
Wed Oct 17 09:43:53 CEST 2018 

Wojciech,

you can have a look at Fluent Query API in 
https://wiki.evolveum.com/display/midPoint/Updated+Query+API. Maybe a 
bit outdated (written back in 2015) but should be helpful.

Best regards,

Pavol Mederly
Software developer
evolveum.com

On 17.10.2018 9:38, Wojciech Staszewski wrote:
> Hi!
> Thank you, but I know how to do it via REST or query filter, but I am 
> looking for method for use in script (Groovy) expression.
>
> Regards,
> WS
>
> W dniu 16.10.2018 o 23:08, Stacy Brock pisze:
>> Try this, via the REST API:
>>
>> POST /midpoint/ws/rest/users/search HTTP/1.1
>> Authorization: ***** Hidden credentials *****
>> Content-Type: application/xml
>> Host: yourmidpoint.someplace.edu
>> Connection: close
>> User-Agent: Paw/3.1.7 (Macintosh; OS X/10.12.6) GCDHTTPRequest
>> Content-Length: 410
>>
>> <?xml version="1.0"?>
>> <q:query xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3">
>>      <q:filter>
>>          <q:ref>
>>              <q:path>assignment/targetRef</q:path>
>>              <q:value oid="CHANGETHIS_ROLE_OID"/>
>>          </q:ref>
>>      </q:filter>
>>      <q:paging>
>>          <q:orderBy>name</q:orderBy>
>>          <q:offset>0</q:offset>
>>          <q:maxSize>10</q:maxSize>
>>      </q:paging>
>> </q:query>
>>
>> Change "CHANGETHIS_ROLE_OID" to the OID of the role in question. 
>> Change path to "roleMembershipRef" for ACTIVE assignments. You'll 
>> definitely want to keep the paging on unless you only have a handful 
>> of users.
>>
>> The result is a big glob of xml that you'll have to parse on your 
>> own, but the user OIDs should be in there.
>>
>> Hope this helps,
>> -Stacy
>>
>>
>> On 10/16/18 1:47 PM, Wojciech Staszewski wrote:
>>> Hello Community!
>>>
>>> I'm currently working on some script expression and I'm stuck for a 
>>> while.
>>> I need a method to get a list of user oids - direct members of 
>>> specified
>>> role,
>>> exactly like in the 'query playground' - 'users that have a direct
>>> assignment of a role' query example.
>>> Direct and active members would be more than great.
>>>
>>> I was looking for it on midPoint API Distribution page with no 
>>> success. :(
>>> Maybe you know if there is a method for this, ready and waiting to be
>>> used by me?
>>>
>>> Thanks!
>>> WS
>>>
>>
>

More information about the midPoint mailing list