[midPoint] Replace Manager from OrgUnit
Ruy Minoru Ito Takata
ruy.takata at serpro.gov.br
Mon Oct 24 14:36:16 CEST 2022
I will try suing objectTemplate.
Thanks.
[Serpro]
Ruy Minoru Ito Takata
Analista
Superintendência de Segurança da Informação
Diretoria de Operações
+55 (11) 2173-1799
________________________________
De: Yakov Revyakin <yrevyakin at gmail.com>
Enviado: sábado, 22 de outubro de 2022 16:21
Para: midPoint General Discussion <midpoint at lists.evolveum.com>
Cc: Ruy Minoru Ito Takata <ruy.takata at serpro.gov.br>
Assunto: Re: [midPoint] Replace Manager from OrgUnit
Your code looks like a mix of two things you need to implement separately.
1) Schema handling must be responsible for update of an Org
2) User objectTemplate must be responsible for manager assignment/revocation
On Fri, 14 Oct 2022 at 20:02, Ruy Minoru Ito Takata via midPoint <midpoint at lists.evolveum.com<https://mail-inspector.serpro.gov.br/mailinspector/tap/WarningUrlPage.php?HSCTYPE=0&HSCRULE=4&HSCID=N0ZFNjUzODczMDYuQTAwNzA=
&HSCMLICHECKID0005=28a109bf64465d4ea973ee4348a136ef&URLCHECKHSCMLI09132012warnning=H4sIAAAAAAAAA8tNzMwpybfKzUwpyM/MK3HIySwuKdZLLcvPKUstzdVLzs8FAOtGlVoiAAAA>> wrote:
Hi,
I'm using CSV file to create a org tree and assign a manager to each one. But when there are a change in manager, the new manager is added and the old manager is not removed.
Like in the book, the org CSV has orgnum, orgname, and manager identifier. I made two resources, one to build the org tree, and another to assign manager to the orgs.
The resource that assigns manager to the orgs has a assignmentTargetSearch to find the org and change the assignment attribute of the user. So, when a user is no more manager of an org, his identifier disappear from the CSV file.
What is the correct way to do this?
My CSV org file is like:
orgnum,orgname,orgmanager
My schemahandling:
<schemaHandling>
<objectType>
<displayName>Organizational Unit Manager</displayName>
<objectClass>ri:AccountObjectClass</objectClass>
<kind>account</kind>
<default>true</default>
<attribute>
<ref>ri:orgmanager</ref> <!-- employeeNumber -->
<inbound>
<target>
<path>$focus/employeeNumber</path>
</target>
</inbound>
</attribute>
<attribute>
<ref>ri:orgnum</ref> <!-- organization code -->
<inbound>
<expression>
<assignmentTargetSearch>
<targetType>c:OrgType</targetType>
<assignmentProperties>
<relation>org:manager</relation>
<subtype>csvorgmanager</subtype>
</assignmentProperties>
<filter>
<q:equal>
<q:path>identifier</q:path>
<expression>
<path>$input</path>
</expression>
</q:equal>
</filter>
</assignmentTargetSearch>
</expression>
<target>
<path>$focus/assignment</path>
<set>
<condition>
<script>
<code>
return input.subtype.contains("csvorgmanager")
</code>
</script>
</condition>
</set>
</target>
</inbound>
</attribute>
</objectType>
</schemaHandling>
Thanks
[Serpro]
Ruy Minoru Ito Takata
Analista
Superintendência de Segurança da Informação
Diretoria de Operações
+55 (11) 2173-1799
“Essa mensagem do SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO), empresa pública federal regida pelo disposto na Lei Federal nº 5.615, é enviada exclusivamente ao destinatário informado e pode conter dados pessoais, protegidos pela Lei Geral de Proteção de Dados (Lei 13.709/2018), assim como informações confidenciais, protegidas por sigilo profissional. O SERPRO ressalta seu comprometimento em assegurar a segurança e a proteção das informações contidas neste e-mail e informa que a sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você o recebeu indevidamente, queira, por gentileza, reenviá-lo ao emitente, esclarecendo o equívoco.” “This message from SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO) - a government company established under Brazilian law (5.615/70) - is directed exclusively to its addressee and may contain personal data protected by the General Data Protection Law (13.709/2018) as well as confidencial data, protected under professional secrecy rules. SERPRO highlights its commitment to ensuring the security and protection of the information contained in this email and its unauthorized use is illegal and may subject the transgressor to the law´s penalties. If you´re not the addressee, please send it back, elucidating the failure.”
_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com<https://mail-inspector.serpro.gov.br/mailinspector/tap/WarningUrlPage.php?HSCTYPE=0&HSCRULE=4&HSCID=N0ZFNjUzODczMDYuQTAwNzA=
&HSCMLICHECKID0005=28a109bf64465d4ea973ee4348a136ef&URLCHECKHSCMLI09132012warnning=H4sIAAAAAAAAA8tNzMwpybfKzUwJyM/MK3HIySwuKdZLLcvPKUstzdVLzs8FAJG4Q6QiAAAA>
https://lists.evolveum.com/mailman/listinfo/midpoint<https://mail-inspector.serpro.gov.br/mailinspector/tap/WarningUrlPage.php?HSCTYPE=0&HSCRULE=4&HSCID=N0ZFNjUzODczMDYuQTAwNzA=
&HSCMLICHECKID0005=28a109bf64465d4ea973ee4348a136ef&URLCHECKHSCMLI09132012warnning=H4sIAAAAAAAAA8soKSkottLXz8ksLinWSy3LzylLLc3VS87P1c9NzMzJTcwDS2XmpeXr52amFORn
5pUAAOBzsjw0AAAA>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20221024/d8800022/attachment-0001.htm>
More information about the midPoint
mailing list