[midPoint] Filtering inbound data from Postgres table
Pálos Gustáv
gustav.palos at gmail.com
Tue Oct 18 03:40:36 CEST 2022
Hi Kevin,
scripted-sql sample is here:
https://github.com/Evolveum/midpoint-samples/tree/master/samples/resources/scriptedsql
but if you have only one table with data from HR is easier to use build in
database table connector:
https://docs.evolveum.com/connectors/resources/databasetable
Filtering out old data can you do in at least 2 ways:
1) creating a DB view with where condition to filter out all old data what
you never need in midPoint
2) just using resource synchronization/objectSynchronization/condition
something like this:
<condition>
<script>
<code><![CDATA[
import java.text.SimpleDateFormat;
String strFireDate = basic.getAttributeValue(shadow,
'http://midpoint.evolveum.com/xml/ns/public/resource/instance-3',
'Firedate')
if (!basic.isEmpty(strFireDate)) {
SimpleDateFormat sdf = new SimpleDateFormat('yyyy-MM-dd')
Date dateNow = new Date()
Date fireDate = sdf.parse(strFireDate)
if (fireDate < dateNow) {
return false // ignore
}
}
return true // import
]]></code>
</script>
</condition>
about setting up read only resource you need to set existence to true
in schemaHandling/objectType
<activation>
<existence>
<outbound>
<name>HR don't support shadow delete, so never try to
delete...</name>
<strength>weak</strength>
<expression>
<value>true</value>
</expression>
</outbound>
</existence>
</activation>
and also setting up configured capabilities:
<capabilities>
<configured
xmlns:cap="http://midpoint.evolveum.com/xml/ns/public/resource/capabilities-3">
<cap:delete>
<cap:enabled>false</cap:enabled>
</cap:delete>
<cap:update>
<cap:enabled>false</cap:enabled>
</cap:update>
<cap:create>
<cap:enabled>false</cap:enabled>
</cap:create>
</configured>
</capabilities>
+ also use DB user with read only permission only to required tables for
security reasons at all.
If you need more help with PoC don't hesitate to contact us...
Best regards,
Gustav
po 17. 10. 2022 o 20:10 Collins, Kevin via midPoint <
midpoint at lists.evolveum.com> napísal(a):
> Hi everyone,
>
>
> I’ve been working through the MidPoint book and the samples in midPoint
> 4.4.3 to try answer a couple of problems I’m having putting together a PoC
> midPoint demo:
>
>
> - How do I filter inbound data from a (Postgres) db table so that it
> doesn’t try to import stale data? Simplified use case is that an HR system
> writes data about staff to a Postgres db table. That data is more or less
> authoritative for staff. The db table contains details about every member
> of staff who is current but also contains details of every staff person it
> has ever known about. This sounds like an ideal job for a scripted-sql
> connector but I can’t get that to work at all in midPoint. So I’m looking
> at filtering on the inbound data. Unless, of course, anyone has good worked
> example of a scripted-sql resource that they’d be willing to share…
> -
> - How do I prevent the Idm from deleting the entire record from the
> Postgres db table when I delete it in the IDM ?
>
>
> The HR people “own” the data in the table except for the username,
> emailAddress and initial password, which are generated by the Idm and
> passed back to the table.
>
> Thanks in advance.
>
>
> -Kev_C
>
>
> --
> Kevin Collins,
> Senior Specialist,
> Information Services
> Heriot-Watt University,
> EDINBURGH, EH14 4AS,
> Scotland, UK
>
> For IT support queries or requests, please navigate to
> https://hwu.topdesk.net/, email ishelp at hw.ac.uk <ishelp at hw.ac.uk> or
> phone ext 4045, with full details of your query or request and your contact
> details.
>
> http://www.hw.ac.uk/is
>
>
>
> ------------------------------
>
> Founded in 1821, Heriot-Watt is a leader in ideas and solutions. With
> campuses and students across the entire globe we span the world, delivering
> innovation and educational excellence in business, engineering, design and
> the physical, social and life sciences. This email is generated from the
> Heriot-Watt University Group, which includes:
>
> 1. Heriot-Watt University, a Scottish charity registered under number
> SC000278
> 2. Heriot- Watt Services Limited (Oriam), Scotland's national
> performance centre for sport. Heriot-Watt Services Limited is a private
> limited company registered is Scotland with registered number SC271030 and
> registered office at Research & Enterprise Services Heriot-Watt University,
> Riccarton, Edinburgh, EH14 4AS.
>
> The contents (including any attachments) are confidential. If you are not
> the intended recipient of this e-mail, any disclosure, copying,
> distribution or use of its contents is strictly prohibited, and you should
> please notify the sender immediately and then delete it (including any
> attachments) from your system.
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> https://lists.evolveum.com/mailman/listinfo/midpoint
>
--
s pozdravom
Gustáv Pálos
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20221018/7d0a7803/attachment-0001.htm>
More information about the midPoint
mailing list