[midPoint] How to blank out user properties?
Richard Frovarp
richard.frovarp at ndsu.edu
Thu Jul 2 21:13:24 CEST 2020
But students can be employed. I need it so that if they aren't in that resource, they are removed. You're earlier example makes some sense, but I don't have a deep enough understanding of midPoint to fully implement it. Error complains about the source of $user/assignments. I'm on 4.1 and it looks like that may have changed some, but I can't quite figure out how.
Kind of frustrated as this seems like it should be a basic operation, and it's the one thing stopping me from going further. I don't want a mess of stale data in a brand new system a day after it goes up.
I've been looking at queries and bulk actions, but I can't figure out how to find all users that aren't referenced by a resource. I can find all in the resource, and all that have a resource that isn't it (which is all of the users as names are pulled in from a different resource). What is a one minute query in raw SQL is beyond my understanding here right now.
On Thu, 2020-07-02 at 13:15 -0500, Jason Everling wrote:
Also this in the default template, if return null; doesn’t work you could also go with return ‘’; . So many different ways to do it without relying on a deleted template
<mapping>
<description>Clean out department</description>
<strength>strong</strength>
<source>
<path>$user/extension/your_affiliation</path>
</source>
<target>
<path>$user/extension/ndsuPrimaryJobTitle</path>
</target>
<expression>
<script>
<code>
if (affiliation == ‘student’) {
return null;
}
</code>
</script>
</expression>
</mapping>
From: Jason Everling<mailto:jeverling at bshp.edu>
Sent: Thursday, July 2, 2020 1:06 PM
To: midPoint General Discussion<mailto:midpoint at lists.evolveum.com>
Subject: RE: [midPoint] How to blank out user properties?
* only if the resource isn’t assigned?
From: Jason Everling<mailto:jeverling at bshp.edu>
Sent: Thursday, July 2, 2020 1:04 PM
To: midPoint General Discussion<mailto:midpoint at lists.evolveum.com>
Subject: RE: [midPoint] How to blank out user properties?
What about just a regular mapping in the default user template with a condition strong that gets applied and only if the resource is assigned?
<mapping>
<description>Clean out department</description>
<strength>strong</strength>
<source>
<path>$user/assignments</path>
</source>
<target>
<path>$user/extension/ndsuPrimaryJobTitle</path>
</target>
<expression>
<script>
<code>
if (assignment != your resource) {
return null;
}
</code>
</script>
</expression>
</mapping>
From: Richard Frovarp<mailto:richard.frovarp at ndsu.edu>
Sent: Thursday, July 2, 2020 12:56 PM
To: midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>
Subject: Re: [midPoint] How to blank out user properties?
I've seen your archive example. I wasn't completely clear. I don't want to archive the old value. I just want it gone. I want to keep the user object though. So if I were to leave NDSU, we would want there to still be the name, employee number, etc to remain. But my title would no longer apply. A bigger deal if I were to become a student, we wouldn't want my job title applied to my AD object for instance as it wouldn't be applicable. Just trying to get the value back to null.
On Thu, 2020-07-02 at 12:22 -0500, Jason Everling wrote:
So what I can read from, you want to archive the old value? We do this for various attributes when they are changed, see here, I had added it to the midpoint samples a while back, it will take the old value which was previously set and then add it to a custom schema attribute for archival history, such as a username change, level change, affiliation, etc..
https://github.com/evolveum/midpoint-samples/blob/master/samples/contrib/bshp/objects/objectTemplates/Includes%20-%20Archiving.xml
From: Richard Frovarp<mailto:richard.frovarp at ndsu.edu>
Sent: Thursday, July 2, 2020 11:13 AM
Subject: [midPoint] How to blank out user properties?
I'm reading a list of our employees from a DB through a
DatabaseTableConnector resource. As part of that process I'm setting a
custom schema element that is their title. That's fine. However, when
they are no longer employed, they disappear from the database table.
So I'm trying to blank out the title property, since if they aren't
employed anymore, they don't have a title. We want to keep historic
records, and they may still be a student, which we wouldn't populate a
title.
How does one go about doing this? It was suggested using an object
template on the deleted situation, but that doesn't appear to be
working.
Resource:
<reaction>
<situation>deleted</situation>
<synchronize>true</synchronize>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action
-3#unlink</handlerUri>;
</action>
<objectTemplateRef oid="5b23b0d3-0740-47a1-932d-c5a4ab513bc4" />
</reaction>
User Template:
<mapping>
<description>Clean out department</description>
<strength>strong</strength>
<target>
<path>$user/extension/ndsuPrimaryJobTitle</path>
</target>
<expression>
<script>
<code>null</code>
</script>
</expression>
</mapping>
No errors are thrown, it's just that the title element remains populate
with the last know value when the user is deleted from the resource.
Thanks,
Richard
_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com
https://lists.evolveum.com/mailman/listinfo/midpoint
_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com<mailto:midPoint at lists.evolveum.com>
https://lists.evolveum.com/mailman/listinfo/midpoint
_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com<mailto:midPoint at lists.evolveum.com>
https://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200702/338629cc/attachment.htm>
More information about the midPoint
mailing list