[midPoint] Synchronize common attribute value between different Objects

Fabian fabianbosch at gmx.de
Tue Jan 22 22:43:09 CET 2019


Hey Arnost

Thanks for your quick reply. I will try to handle this business-logic
with some scripted hooks as you proposed.

cheers

Fabian

Am 15.01.19 um 13:58 schrieb Arnošt Starosta - AMI Praha a.s.:
> Hi Fabian,
>
> afaik there is no midpoint primitive that would address this problem
> directly.
>
> You might use a combination of 
> 1) scripting hook that would react to user status changes and sync
> status of all his cards
> 2) task that periodically checks the consistence of user and card
> status (as a safe net when the hook fails)
>
> Clumsy solution but it should work in the real world. Has huge
> potential for endless enable/disable loops .)
>
> Also i see no condition or other logic in your card service metarole
> to check the enabled status of the card first.
>
> arnost
>
> po 14. 1. 2019 v 20:56 odesílatel Fabian <fabianbosch at gmx.de
> <mailto:fabianbosch at gmx.de>> napsal:
>
>     Hi
>
>     I have a special use case for which I need your help.
>
>     I have a door-lock system which registers cards with its cardID.
>     The collection of cards is handled as midPoint-Ressource and
>     entrys are being synced as Type ServiceType.
>     Users on the other hand are synchronized from openLDAP.
>
>     The use case is that every time I register a new card the card
>     will appear in midPoint as a Service and can then be manually
>     assigned to a user. A user can have 0..n cards assigned.
>
>     both, the user and the card have an attribute "sstatus" which can
>     be set enabled/disabled which means to grant access or not (door).
>
>     I wrote a role which sets the attribute to "enabled" if this role
>     is assigned to a user.
>
>             <inducement id="2">
>                 <focusMappings>
>                     <mapping id="3">
>                         <name>S-Status</name>
>                         <expression>
>                             <script xsi:type="c:ScriptExpressionEvaluatorType">
>                                 <code>
>                         import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationStatusType;
>                         return ActivationStatusType.ENABLED
>                         </code>
>                             </script>
>                         </expression>
>                         <target>
>                             <c:path>$focus/extension/sstatus</c:path>
>                         </target>
>                     </mapping>
>                 </focusMappings>
>             </inducement>
>
>     I need a way to provide this changed attribute (in *user*) to all
>     of the users *cards* so that every card in the Ressource will have
>     the attribute sstatus=enabled
>
>
>     regards,
>     Fabian
>     _______________________________________________
>     midPoint mailing list
>     midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>     http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
> -- 
>
> *Arnošt Starosta*
> solution architect
>
> gsm: [+420] 603 794 932
> e‑mail: arnost.starosta at ami.cz <mailto:arnost.starosta at ami.cz>
>
> *AMI Praha a.s.*
> Pláničkova 11, 162 00 Praha 6
>
> tel.: [+420] 274 783 239 | web: www.ami.cz <https://www.ami.cz>
>
> AMI Praha a.s.
>
> Textem tohoto e‑mailu podepisující neslibuje uzavřít ani neuzavírá
> za společnost AMI Praha a.s.
> jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít
> výhradně písemnou formu.
>  
> Tento e‑mail je určen výhradně pro potřeby jeho adresáta/ů a může
> obsahovat důvěrné nebo osobní
> informace. Nejste‑li zamýšleným příjemcem, je zakázáno jakékoliv
> zveřejňování, zprostředkování
> nebo jiné použití těchto informací. Pokud jste obdrželi e‑mail
> neoprávněně, informujte o tom prosím
> odesílatele a vymažte neprodleně všechny kopie tohoto e‑mailu včetně
> všech jeho příloh. Nakládáním
> s neoprávněně získanými informacemi se vystavujete riziku právního
> postihu.
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
-- 


    Fabian Bosch

------------------------------------------------------------------------


Flickr Fotostream © Fabian Bosch
<https://secure.flickr.com/photos/biberphotoblog>
Etudes Sans Frontières - Studieren Ohne Grenzen e.V., Ressort IT
<https://studieren-ohne-grenzen.org/de/>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20190122/05fb5982/attachment.htm>


More information about the midPoint mailing list