[midPoint] Filtering inbound data from Postgres table
Collins, Kevin
K.J.Collins at hw.ac.uk
Tue Oct 18 09:31:09 CEST 2022
Gustav,
Thanks for that. I’ll have a go at doing that later on today.
-Kev_C
On 18 Oct 2022, at 02:40, Pálos Gustáv via midPoint <midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>> wrote:
****************************************************************
Caution: This email originated from a sender outside Heriot-Watt University.
Do not follow links or open attachments if you doubt the authenticity of the sender or the content.
****************************************************************
Hi Kevin,
scripted-sql sample is here: https://github.com/Evolveum/midpoint-samples/tree/master/samples/resources/scriptedsql
but if you have only one table with data from HR is easier to use build in database table connector:
https://docs.evolveum.com/connectors/resources/databasetable
Filtering out old data can you do in at least 2 ways:
1) creating a DB view with where condition to filter out all old data what you never need in midPoint
2) just using resource synchronization/objectSynchronization/condition
something like this:
<condition>
<script>
<code><![CDATA[
import java.text.SimpleDateFormat;
String strFireDate = basic.getAttributeValue(shadow, 'http://midpoint.evolveum.com/xml/ns/public/resource/instance-3', 'Firedate')
if (!basic.isEmpty(strFireDate)) {
SimpleDateFormat sdf = new SimpleDateFormat('yyyy-MM-dd')
Date dateNow = new Date()
Date fireDate = sdf.parse(strFireDate)
if (fireDate < dateNow) {
return false // ignore
}
}
return true // import
]]></code>
</script>
</condition>
about setting up read only resource you need to set existence to true in schemaHandling/objectType
<activation>
<existence>
<outbound>
<name>HR don't support shadow delete, so never try to delete...</name>
<strength>weak</strength>
<expression>
<value>true</value>
</expression>
</outbound>
</existence>
</activation>
and also setting up configured capabilities:
<capabilities>
<configured xmlns:cap="http://midpoint.evolveum.com/xml/ns/public/resource/capabilities-3">
<cap:delete>
<cap:enabled>false</cap:enabled>
</cap:delete>
<cap:update>
<cap:enabled>false</cap:enabled>
</cap:update>
<cap:create>
<cap:enabled>false</cap:enabled>
</cap:create>
</configured>
</capabilities>
+ also use DB user with read only permission only to required tables for security reasons at all.
If you need more help with PoC don't hesitate to contact us...
Best regards,
Gustav
po 17. 10. 2022 o 20:10 Collins, Kevin via midPoint <midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>> napísal(a):
Hi everyone,
I’ve been working through the MidPoint book and the samples in midPoint 4.4.3 to try answer a couple of problems I’m having putting together a PoC midPoint demo:
* How do I filter inbound data from a (Postgres) db table so that it doesn’t try to import stale data? Simplified use case is that an HR system writes data about staff to a Postgres db table. That data is more or less authoritative for staff. The db table contains details about every member of staff who is current but also contains details of every staff person it has ever known about. This sounds like an ideal job for a scripted-sql connector but I can’t get that to work at all in midPoint. So I’m looking at filtering on the inbound data. Unless, of course, anyone has good worked example of a scripted-sql resource that they’d be willing to share…
*
* How do I prevent the Idm from deleting the entire record from the Postgres db table when I delete it in the IDM ?
The HR people “own” the data in the table except for the username, emailAddress and initial password, which are generated by the Idm and passed back to the table.
Thanks in advance.
-Kev_C
--
Kevin Collins,
Senior Specialist,
Information Services
Heriot-Watt University,
EDINBURGH, EH14 4AS,
Scotland, UK
For IT support queries or requests, please navigate to https://hwu.topdesk.net/, email ishelp at hw.ac.uk<mailto:ishelp at hw.ac.uk> or phone ext 4045, with full details of your query or request and your contact details.
http://www.hw.ac.uk/is
________________________________
Founded in 1821, Heriot-Watt is a leader in ideas and solutions. With campuses and students across the entire globe we span the world, delivering innovation and educational excellence in business, engineering, design and the physical, social and life sciences. This email is generated from the Heriot-Watt University Group, which includes:
1. Heriot-Watt University, a Scottish charity registered under number SC000278
2. Heriot- Watt Services Limited (Oriam), Scotland's national performance centre for sport. Heriot-Watt Services Limited is a private limited company registered is Scotland with registered number SC271030 and registered office at Research & Enterprise Services Heriot-Watt University, Riccarton, Edinburgh, EH14 4AS.
The contents (including any attachments) are confidential. If you are not the intended recipient of this e-mail, any disclosure, copying, distribution or use of its contents is strictly prohibited, and you should please notify the sender immediately and then delete it (including any attachments) from your system.
_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com<mailto:midPoint at lists.evolveum.com>
https://lists.evolveum.com/mailman/listinfo/midpoint
--
s pozdravom
Gustáv Pálos
_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com<mailto:midPoint at lists.evolveum.com>
https://lists.evolveum.com/mailman/listinfo/midpoint
--
Kevin Collins,
Senior Specialist,
Information Services
Heriot-Watt University,
EDINBURGH, EH14 4AS,
Scotland, UK
For IT support queries or requests, please navigate to https://hwu.topdesk.net/, email ishelp at hw.ac.uk<mailto:ishelp at hw.ac.uk> or phone ext 4045, with full details of your query or request and your contact details.
http://www.hw.ac.uk/is
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20221018/35231847/attachment-0001.htm>
More information about the midPoint
mailing list