[midPoint] Role assignment from db table

Justin Stanczak rizenine at gmail.com
Mon Apr 8 19:06:08 CEST 2019


I seem to have a mental block on assigning roles to users. I'm trying to
pull from a database view and add or remove roles based on this. So the
table would look like *"username, role, last_update"*. I've tried
associations and attributes using things like assignmentTargetSearch with
no luck. I've been thru the docs many times so I'm sure I'm just not
connecting something. I'm hoping someone could maybe connect the pieces so
I can better understand how this should work. I simply want to add and
remove users from roles. I'm open to changing the view if that helps or if
there's a better way to do this. Thanks.

*Using:*
Midpoint 3.9
DatabaseTableConnector 1.4.3.0
Oracle Table

*Possible data example: *
test, student, <lastupdate>
test, employee, <lastupdate>
test2, employee, <lastupdate>

*This gives the following error: *


*<schemaHandling>*
*        <objectType id="169">*
*            <kind>account</kind>*
*            <default>true</default>*
*            <objectClass>ri:AccountObjectClass</objectClass>*
*            <attribute id="366">*
*                <c:ref>ri:ROLE</c:ref>*
*                <tolerant>true</tolerant>*
*                <exclusiveStrong>false</exclusiveStrong>*
*                <inbound id="367">*
*                    <authoritative>true</authoritative>*
*                    <exclusive>false</exclusive>*
*                    <strength>normal</strength>*
*                    <expression>*
*                        <value>*
*                            <targetRef
oid="c50396ff-14a7-423e-a513-ff28c8bc91ee" type="c:RoleType"/>*
*                        </value>*
*                    </expression>*
*                    <target>*
*                        <c:path>assignment</c:path>*
*                    </target>*
*                </inbound>*
*            </attribute>*
*        </objectType>*
*    </schemaHandling>*


*Error: *

*Attempt to delete value
PCV(null):[PrismReference({.../common/common-3}targetRef):[PRV(oid=9a355bd4-07b3-44e5-8708-caa43e94c2b6,
targetType={.../common/common-3}RoleType)]] from item assignment but that
value is mandated by a strong mapping 'end user role' in
objectTemplate:0488d68b-c064-417e-b5fa-db9b723fb546(User Template) (for
object template objectTemplate:0488d68b-c064-417e-b5fa-db9b723fb546(User
Template) for focus user:54b8326a-a73a-4a29-884d-ebd73cf602f4(test))*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20190408/055c9737/attachment.htm>


More information about the midPoint mailing list