Skip to content
Permalink
 
 
Cannot retrieve contributors at this time
184 lines (178 sloc) 8.47 KB
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright (c) 2019 Evolveum and contributors
~
~ This work is dual-licensed under the Apache License 2.0
~ and European Union Public License. See LICENSE file for details.
-->
<resource oid="1eff65de-5bb6-483d-9edf-8cc2c2ee0233"
xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3"
xmlns:rest="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/com.evolveum.polygon.connector-grouper-rest/com.evolveum.polygon.connector.grouper.rest.GrouperConnector"
xmlns:conf="http://midpoint.evolveum.com/xml/ns/public/connector/builtin-1/bundle/com.evolveum.midpoint.provisioning.ucf.impl.builtin.async/AsyncUpdateConnector"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<name>Grouper Resource</name>
<connectorRef type="c:ConnectorType">
<filter>
<q:equal>
<q:path>connectorType</q:path>
<q:value>com.evolveum.polygon.connector.grouper.rest.GrouperConnector</q:value>
</q:equal>
</filter>
</connectorRef>
<connectorConfiguration>
<icfc:configurationProperties>
<rest:baseUrl>https://grouper-ws:443</rest:baseUrl>
<rest:username>banderson</rest:username>
<rest:password>password</rest:password>
<rest:testStem>:</rest:testStem>
<!-- no testGroup: we cannot be sure that banderson is a member of sysadmingroup when doing the first test -->
<rest:exportStem>:</rest:exportStem>
<rest:groupIncludePattern>app:.*</rest:groupIncludePattern>
<rest:groupIncludePattern>test:.*</rest:groupIncludePattern>
<rest:groupIncludePattern>ref:.*</rest:groupIncludePattern>
<rest:groupExcludePattern>.*_(includes|excludes|systemOfRecord|systemOfRecordAndIncludes)</rest:groupExcludePattern>
<rest:subjectSource>ldap</rest:subjectSource>
<rest:ignoreSslValidation>true</rest:ignoreSslValidation>
</icfc:configurationProperties>
</connectorConfiguration>
<additionalConnector>
<name>AMQP async update connector</name>
<connectorRef type="c:ConnectorType">
<filter>
<q:equal>
<q:path>connectorType</q:path>
<q:value>AsyncUpdateConnector</q:value>
</q:equal>
</filter>
</connectorRef>
<connectorConfiguration>
<conf:sources>
<amqp091>
<uri>amqp://mq:5672</uri>
<username>guest</username>
<password>guest</password>
<queue>sampleQueue</queue>
</amqp091>
</conf:sources>
<conf:transformExpression>
<script>
<code>
// ------------------ START OF CONFIGURATION ------------------
parameters = [
groupIncludePattern: [ 'app:.*', 'test:.*', 'ref:.*' ],
groupExcludePattern: [ '.*_(includes|excludes|systemOfRecord|systemOfRecordAndIncludes)' ],
relevantSourceId: 'ldap'
]
// ------------------ END OF CONFIGURATION ------------------
parameters.put('message', message)
grouper.execute('createUcfChange', parameters)
</code>
</script>
</conf:transformExpression>
</connectorConfiguration>
</additionalConnector>
<schemaHandling>
<objectType>
<kind>entitlement</kind>
<intent>group</intent>
<objectClass>ri:Group</objectClass>
<default>true</default>
<attribute>
<ref>ri:name</ref>
<inbound>
<strength>strong</strength>
<target>
<path>extension/grouperName</path>
</target>
</inbound>
<inbound>
<strength>strong</strength>
<expression>
<script>
<code>
import com.evolveum.midpoint.schema.util.*
import com.evolveum.midpoint.schema.constants.*
if (input == null) {
null
} else {
archetypeOid = '5f2b96d2-49b5-4a8a-9601-14457309a69b' // generic-grouper-group archetype
switch (input) {
case ~/ref:affiliation:.*/: archetypeOid = '56f53812-047d-4b69-83e8-519a73d161e1'; break; // affiliation archetype
case ~/ref:dept:.*/: archetypeOid = '1cec5f78-8fba-459b-9547-ef7485009f40'; break; // department archetype
case ~/ref:course:.*/: archetypeOid = '3dab9a72-118b-4e40-a138-bb691c335eca'; break; // course archetype
case ~/app:mailinglist:.*/: archetypeOid = '1645d1dc-1f7c-4508-b50b-97b501ccdee3'; break; // mailing-list archetype
}
ObjectTypeUtil.createAssignmentTo(archetypeOid, ObjectTypes.ARCHETYPE, prismContext)
}
</code>
</script>
</expression>
<target>
<path>assignment</path>
<set>
<predefined>all</predefined> <!-- we tolerate no other assignments -->
</set>
</target>
</inbound>
</attribute>
<attribute>
<ref>ri:member</ref>
<fetchStrategy>explicit</fetchStrategy>
<storageStrategy>indexOnly</storageStrategy>
</attribute>
</objectType>
</schemaHandling>
<synchronization>
<objectSynchronization>
<enabled>true</enabled>
<kind>entitlement</kind>
<intent>group</intent>
<objectClass>ri:Group</objectClass>
<focusType>OrgType</focusType>
<correlation>
<q:equal>
<q:path>extension/grouperName</q:path>
<expression>
<path>$projection/attributes/name</path>
</expression>
</q:equal>
</correlation>
<reaction>
<situation>linked</situation>
<channel>http://midpoint.evolveum.com/xml/ns/public/provisioning/channels-3#asyncUpdate</channel>
<synchronize>false</synchronize>
</reaction>
<reaction>
<situation>linked</situation>
<synchronize>true</synchronize>
</reaction>
<reaction>
<situation>deleted</situation>
<!-- a separate task will take care of deleted groups -->
<!-- we don't even need to unlink the shadow -->
<synchronize>true</synchronize>
</reaction>
<reaction>
<situation>unlinked</situation>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#link</handlerUri>
</action>
</reaction>
<reaction>
<situation>unmatched</situation>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#addFocus</handlerUri>
</action>
</reaction>
</objectSynchronization>
</synchronization>
<caching>
<cachingStategy>passive</cachingStategy>
</caching>
</resource>
You can’t perform that action at this time.