Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
midPoint_container/demo/grouper/midpoint_server/container_files/mp-home/post-initial-objects/functionLibraries/100-function-library-grouper.xml
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
197 lines (184 sloc)
6.9 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!-- | |
| ~ Copyright (c) 2019 Evolveum and contributors | |
| ~ | |
| ~ This work is dual-licensed under the Apache License 2.0 | |
| ~ and European Union Public License. See LICENSE file for details. | |
| --> | |
| <functionLibrary oid="2eef4181-25fa-420f-909d-846a36ca90f3" | |
| xmlns='http://midpoint.evolveum.com/xml/ns/public/common/common-3' | |
| xmlns:c='http://midpoint.evolveum.com/xml/ns/public/common/common-3' | |
| xmlns:t='http://prism.evolveum.com/xml/ns/public/types-3' | |
| xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' | |
| xmlns:xsd='http://www.w3.org/2001/XMLSchema' | |
| xmlns:piracy='http://midpoint.evolveum.com/xml/ns/samples/piracy'> | |
| <name>grouper</name> | |
| <description>Functions for Grouper AMQP connector</description> | |
| <function> | |
| <!-- Some examples: | |
| { | |
| encrypted=false, | |
| esbEvent=[ | |
| { | |
| sourceId=ldap, | |
| membershipType=flattened, | |
| fieldName=members, | |
| groupId=00000000000000000000000000000001, | |
| changeOccurred=false, | |
| createdOnMicros=1551884863420000, | |
| subjectId=banderson, | |
| id=94320942304930294023940329403294, | |
| sequenceNumber=1000, | |
| eventType=MEMBERSHIP_ADD, | |
| groupName=etc:midpointGroups | |
| } | |
| ]} | |
| { | |
| "encrypted": false, | |
| "esbEvent": [ | |
| { | |
| "displayName": "ref:affiliation:alumni", | |
| "changeOccurred": false, | |
| "createdOnMicros": 1551884850499000, | |
| "parentStemId": "9a7ce40af6c546148b41eec81b8ca18d", | |
| "id": "00000000000000000000000000000002", | |
| "sequenceNumber": "110", | |
| "eventType": "GROUP_ADD", | |
| "name": "ref:affiliation:alumni" | |
| } | |
| ] | |
| } | |
| --> | |
| <name>createUcfChange</name> | |
| <parameter> | |
| <name>message</name> | |
| <type>c:AsyncUpdateMessageType</type> | |
| </parameter> | |
| <parameter> | |
| <name>groupIncludePattern</name> | |
| <type>xsd:anyType</type> | |
| </parameter> | |
| <parameter> | |
| <name>groupExcludePattern</name> | |
| <type>xsd:anyType</type> | |
| </parameter> | |
| <parameter> | |
| <name>relevantSourceId</name> | |
| <type>xsd:string</type> | |
| </parameter> | |
| <script> | |
| <code> | |
| import com.evolveum.midpoint.xml.ns._public.common.common_3.* | |
| import com.evolveum.prism.xml.ns._public.types_3.* | |
| import static com.evolveum.midpoint.schema.constants.SchemaConstants.* | |
| import com.evolveum.midpoint.schema.util.* | |
| import com.evolveum.midpoint.prism.path.* | |
| import com.evolveum.midpoint.schema.constants.* | |
| import com.evolveum.midpoint.prism.delta.* | |
| GROUP_OBJECT_CLASS = new ItemName(MidPointConstants.NS_RI, 'Group') | |
| ATTR_NAME = new ItemName(MidPointConstants.NS_RI, 'name') | |
| ATTR_UUID = new ItemName(MidPointConstants.NS_RI, 'uuid') | |
| ATTR_MEMBER = new ItemName(MidPointConstants.NS_RI, 'member') | |
| TRIGGER_FIRE_AFTER = 60000 | |
| TRIGGER_SAFETY_MARGIN = 10000 | |
| esbEvent = midpoint.getMessageBodyAsMap(message)['esbEvent'][0] | |
| log.info('esbEvent = {}', esbEvent) | |
| eventType = esbEvent['eventType'] | |
| if (eventType == 'MEMBERSHIP_ADD' || eventType == 'MEMBERSHIP_DELETE') { | |
| groupName = esbEvent['groupName'] | |
| if (groupName == null) { | |
| log.warn('No group name in membership change message, ignoring it: {}', esbEvent) | |
| return null | |
| } | |
| groupId = esbEvent['groupId'] | |
| if (groupId == null) { | |
| log.warn('No group ID in membership change message, ignoring it: {}', esbEvent) | |
| return null | |
| } | |
| isExported = matches(groupName, groupIncludePattern, groupExcludePattern) | |
| if (!isExported) { | |
| log.info('Irrelevant group membership change, ignoring it: {}', groupName) | |
| return null | |
| } | |
| sourceId = esbEvent['sourceId'] | |
| if (sourceId != relevantSourceId) { | |
| log.info('Irrelevant subject source ID in membership change message, ignoring it: {}', sourceId) | |
| return null | |
| } | |
| subjectId = esbEvent['subjectId'] | |
| if (subjectId == null) { | |
| log.info('Null subject ID in membership change message, ignoring it: {}', sourceId) | |
| return null | |
| } | |
| log.info('### {} - {} - {}', subjectId, eventType, groupName) | |
| identifiers = new HashMap() | |
| identifiers.put(ATTR_NAME, groupName) | |
| identifiers.put(ATTR_UUID, groupId) | |
| ObjectDeltaType delta | |
| itemDelta = new ItemDeltaType() | |
| itemDelta.modificationType = eventType == 'MEMBERSHIP_ADD' ? ModificationTypeType.ADD : ModificationTypeType.DELETE | |
| itemDelta.path = new ItemPathType(ItemPath.create(ShadowType.F_ATTRIBUTES, ATTR_MEMBER)) | |
| itemDelta.value.add(RawType.fromPropertyRealValue(subjectId, null, prismContext)) | |
| delta = new ObjectDeltaType() | |
| delta.changeType = ChangeTypeType.MODIFY | |
| delta.itemDelta.add(itemDelta) | |
| added = midpoint | |
| .getOptimizingTriggerCreator(TRIGGER_FIRE_AFTER, TRIGGER_SAFETY_MARGIN) | |
| .createForNamedUser(subjectId) | |
| log.info('Recompute trigger for {}: {}', subjectId, added ? 'added' : 'not added (already present or user not found)') | |
| return UcfChangeUtil.create(GROUP_OBJECT_CLASS, identifiers, delta, prismContext) | |
| } else if (eventType == 'GROUP_ADD' || eventType == 'GROUP_DELETE') { | |
| groupName = esbEvent['name'] | |
| groupId = esbEvent['id'] | |
| isExported = matches(groupName, groupIncludePattern, groupExcludePattern) | |
| if (!isExported) { | |
| log.info('Irrelevant group add/delete event, ignoring it: {}', groupName) | |
| return null | |
| } | |
| identifiers = new HashMap() | |
| identifiers.put(ATTR_NAME, groupName) | |
| identifiers.put(ATTR_UUID, groupId) | |
| ObjectDeltaType delta | |
| if (eventType == 'GROUP_DELETE') { | |
| delta = new ObjectDeltaType() | |
| delta.changeType = ChangeTypeType.DELETE | |
| } else { | |
| delta = null | |
| } | |
| return UcfChangeUtil.create(GROUP_OBJECT_CLASS, identifiers, delta, prismContext) | |
| } else if (eventType == 'GROUP_UPDATE') { | |
| groupName = esbEvent['name'] | |
| groupId = esbEvent['id'] | |
| isExported = matches(groupName, groupIncludePattern, groupExcludePattern) | |
| if (!isExported) { | |
| log.info('Irrelevant group add/delete event, ignoring it: {}', groupName) | |
| return null | |
| } | |
| // Notification-only change: so we fetch current state of this group and synchronize it fully | |
| identifiers = new HashMap() | |
| identifiers.put(ATTR_NAME, groupName) | |
| identifiers.put(ATTR_UUID, groupId) | |
| return UcfChangeUtil.create(GROUP_OBJECT_CLASS, identifiers, null, prismContext) | |
| } else { | |
| log.warn('Unsupported event type: {} -> {}', eventType, esbEvent) | |
| return null | |
| } | |
| def matches(String name, Collection includes, Collection excludes) { | |
| matches(name, includes) && !matches(name, excludes) | |
| } | |
| def matches(String name, Collection patterns) { | |
| if (name == null || patterns == null) { | |
| false | |
| } else { | |
| for (pattern in patterns) { | |
| if (name ==~ pattern) { | |
| return true | |
| } | |
| } | |
| false | |
| } | |
| } | |
| </code> | |
| </script> | |
| <returnType>c:UcfChangeType</returnType> | |
| </function> | |
| </functionLibrary> |