[midPoint] Role assignment from db table
Jason Everling
jeverling at bshp.edu
Mon Apr 8 21:46:23 CEST 2019
looks like it is trying to replace the end user role but that is assigned
from a strong condition in your default user template. You can create
inbound assignment mappings from association.
On Mon, Apr 8, 2019 at 12:29 PM Justin Stanczak <rizenine at gmail.com> wrote:
> Subject tag missing. :)
>
> On Mon, Apr 8, 2019 at 1:06 PM Justin Stanczak <rizenine at gmail.com> wrote:
>
>> I seem to have a mental block on assigning roles to users. I'm trying to
>> pull from a database view and add or remove roles based on this. So the
>> table would look like *"username, role, last_update"*. I've tried
>> associations and attributes using things like assignmentTargetSearch with
>> no luck. I've been thru the docs many times so I'm sure I'm just not
>> connecting something. I'm hoping someone could maybe connect the pieces so
>> I can better understand how this should work. I simply want to add and
>> remove users from roles. I'm open to changing the view if that helps or if
>> there's a better way to do this. Thanks.
>>
>> *Using:*
>> Midpoint 3.9
>> DatabaseTableConnector 1.4.3.0
>> Oracle Table
>>
>> *Possible data example: *
>> test, student, <lastupdate>
>> test, employee, <lastupdate>
>> test2, employee, <lastupdate>
>>
>> *This gives the following error: *
>>
>>
>> *<schemaHandling>*
>> * <objectType id="169">*
>> * <kind>account</kind>*
>> * <default>true</default>*
>> * <objectClass>ri:AccountObjectClass</objectClass>*
>> * <attribute id="366">*
>> * <c:ref>ri:ROLE</c:ref>*
>> * <tolerant>true</tolerant>*
>> * <exclusiveStrong>false</exclusiveStrong>*
>> * <inbound id="367">*
>> * <authoritative>true</authoritative>*
>> * <exclusive>false</exclusive>*
>> * <strength>normal</strength>*
>> * <expression>*
>> * <value>*
>> * <targetRef
>> oid="c50396ff-14a7-423e-a513-ff28c8bc91ee" type="c:RoleType"/>*
>> * </value>*
>> * </expression>*
>> * <target>*
>> * <c:path>assignment</c:path>*
>> * </target>*
>> * </inbound>*
>> * </attribute>*
>> * </objectType>*
>> * </schemaHandling>*
>>
>>
>> *Error: *
>>
>> *Attempt to delete value
>> PCV(null):[PrismReference({.../common/common-3}targetRef):[PRV(oid=9a355bd4-07b3-44e5-8708-caa43e94c2b6,
>> targetType={.../common/common-3}RoleType)]] from item assignment but that
>> value is mandated by a strong mapping 'end user role' in
>> objectTemplate:0488d68b-c064-417e-b5fa-db9b723fb546(User Template) (for
>> object template objectTemplate:0488d68b-c064-417e-b5fa-db9b723fb546(User
>> Template) for focus user:54b8326a-a73a-4a29-884d-ebd73cf602f4(test))*
>>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20190408/67bf81ce/attachment.htm>
More information about the midPoint
mailing list