
Merge remote-tracking branch 'refs/remotes/origin/master'

lskublik
lskublik committed Nov 24, 2019
2 parents b50ea23 + a2b389f commit e2d28593d901dfc603217e0fc0d9432254da5769
Showing with 42 additions and 35 deletions.
  1. +2 −3 README.md
  2. 0 ...grouper/{midpoint-objects → midpoint-objects (obsolete)}/archetypes/archetype-academic-person.xml
  3. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/archetypes/archetype-affiliation.xml
  4. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/archetypes/archetype-course.xml
  5. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/archetypes/archetype-department.xml
  6. 0 ...r/{midpoint-objects → midpoint-objects (obsolete)}/archetypes/archetype-generic-grouper-group.xml
  7. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/archetypes/archetype-mailing-list.xml
  8. 0 .../grouper/{midpoint-objects → midpoint-objects (obsolete)}/archetypes/archetype-midpoint-group.xml
  9. 0 ...per/{midpoint-objects → midpoint-objects (obsolete)}/archetypes/archetype-non-academic-person.xml
  10. 0 ...r/{midpoint-objects → midpoint-objects (obsolete)}/functionLibraries/function-library-grouper.xml
  11. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/objectTemplates/template-user.xml
  12. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/orgs/org-affiliations.xml
  13. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/orgs/org-courses.xml
  14. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/orgs/org-departments.xml
  15. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/orgs/org-generic-groups.xml
  16. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/orgs/org-grouper-sysadmin.xml
  17. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/orgs/org-mailing-lists.xml
  18. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/orgs/org-midpoint-groups.xml
  19. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/resources/ldap-main.xml
  20. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/resources/resource-grouper.xml
  21. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/resources/scriptedsql-sis-persons.xml
  22. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/resources/target-cs-portal.xml
  23. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/resources/target-faculty-portal.xml
  24. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/resources/target-mailing-lists.xml
  25. 0 ...rouper/{midpoint-objects → midpoint-objects (obsolete)}/roles/metarole-grouper-provided-group.xml
  26. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/roles/metarole-ldap-group.xml
  27. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/roles/role-ldap-basic.xml
  28. 0 ...per/{midpoint-objects → midpoint-objects (obsolete)}/systemConfigurations/SystemConfiguration.xml
  29. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/tasks/task-group-scavenger.xml
  30. 0 demo/grouper/{midpoint-objects → midpoint-objects (obsolete)}/users/user-banderson.xml
  31. +1 −1 demo/grouper/midpoint-objects-manual/tasks/task-reconciliation-grouper-groups.xml
  32. BIN demo/grouper/midpoint_server/container_files/mp-home/icf-connectors/connector-grouper-rest-0.4.jar
  33. BIN demo/grouper/midpoint_server/container_files/mp-home/icf-connectors/connector-grouper-rest-0.5.jar
  34. +29 −25 ...erver/container_files/mp-home/post-initial-objects/functionLibraries/function-library-grouper.xml
  35. +6 −6 ...ouper/midpoint_server/container_files/mp-home/post-initial-objects/resources/resource-grouper.xml
  36. +4 −0 ..._server/container_files/mp-home/post-initial-objects/systemConfigurations/SystemConfiguration.xml
@@ -15,16 +15,15 @@ The image contains the midPoint application along with some TIER-specific compon
- `shibboleth` to show integration with Shibboleth IdP,
- `postgresql` to show how to use alternative dockerized repository,
- `extrepo` to show how to use external repository,
- `complex` to demonstrate more complex deployment of midPoint in a sample university environment, featuring midPoint along with Grouper, LDAP directory, RabbitMQ, Shibboleth IdP, source and target systems.
- `grouper` to demonstrate more complex deployment of midPoint in a sample university environment, featuring midPoint along with Grouper, LDAP directory, RabbitMQ, Shibboleth IdP, source and target systems.

# Build instructions
```
$ ./build.sh
```
You can then continue with one of demo composition, e.g. simple or complex one.
You can then continue with one of demo composition.

# Documentation
Please see [Dockerized midPoint](https://spaces.at.internet2.edu/display/MID/Dockerized+midPoint) wiki page.

This is a work in progress, suitable for testing.
For details on the project, see [Status of the work](https://spaces.at.internet2.edu/display/MID/Status+of+the+work).
@@ -25,7 +25,7 @@
<name>Grouper reconciliation (groups)</name>
<extension xmlns:mext="http://midpoint.evolveum.com/xml/ns/public/model/extension-3"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="c:ExtensionType">
<mext:objectclass>ri:CustomPlainGroupObjectClass</mext:objectclass>
<mext:objectclass>ri:Group</mext:objectclass>
</extension>
<taskIdentifier>605a0127-a313-442a-9d5e-151eac8b0745</taskIdentifier>
<ownerRef oid="00000000-0000-0000-0000-000000000002" relation="org:default" type="c:UserType">
Binary file not shown.
Binary file not shown.
@@ -78,12 +78,16 @@
import static com.evolveum.midpoint.schema.constants.SchemaConstants.*
import com.evolveum.midpoint.schema.util.*
import com.evolveum.midpoint.prism.path.*
import com.evolveum.midpoint.schema.constants.*
import com.evolveum.midpoint.prism.delta.*
import com.evolveum.midpoint.schema.constants.*
import com.evolveum.midpoint.prism.delta.*

PLAIN_GROUP_OBJECT_CLASS = new ItemName(MidPointConstants.NS_RI, 'CustomPlainGroupObjectClass')
TRIGGER_FIRE_AFTER = 60000
TRIGGER_SAFETY_MARGIN = 10000
GROUP_OBJECT_CLASS = new ItemName(MidPointConstants.NS_RI, 'Group')
ATTR_NAME = new ItemName(MidPointConstants.NS_RI, 'name')
ATTR_UUID = new ItemName(MidPointConstants.NS_RI, 'uuid')
ATTR_MEMBER = new ItemName(MidPointConstants.NS_RI, 'member')

TRIGGER_FIRE_AFTER = 60000
TRIGGER_SAFETY_MARGIN = 10000

esbEvent = midpoint.getMessageBodyAsMap(message)['esbEvent'][0]
log.info('esbEvent = {}', esbEvent)
@@ -94,11 +98,11 @@
log.warn('No group name in membership change message, ignoring it: {}', esbEvent)
return null
}
groupId = esbEvent['groupId']
if (groupId == null) {
log.warn('No group ID in membership change message, ignoring it: {}', esbEvent)
return null
}
groupId = esbEvent['groupId']
if (groupId == null) {
log.warn('No group ID in membership change message, ignoring it: {}', esbEvent)
return null
}
isExported = matches(groupName, groupIncludePattern, groupExcludePattern)
if (!isExported) {
log.info('Irrelevant group membership change, ignoring it: {}', groupName)
@@ -110,29 +114,29 @@
return null
}
subjectId = esbEvent['subjectId']
if (subjectId == null) {
log.info('Null subject ID in membership change message, ignoring it: {}', sourceId)
return null
}
if (subjectId == null) {
log.info('Null subject ID in membership change message, ignoring it: {}', sourceId)
return null
}
log.info('### {} - {} - {}', subjectId, eventType, groupName)
identifiers = new HashMap()
identifiers.put(ICFS_NAME, groupName)
identifiers.put(ICFS_UID, groupId)
identifiers.put(ATTR_NAME, groupName)
identifiers.put(ATTR_UUID, groupId)
ObjectDeltaType delta
itemDelta = new ItemDeltaType()
itemDelta.modificationType = eventType == 'MEMBERSHIP_ADD' ? ModificationTypeType.ADD : ModificationTypeType.DELETE
itemDelta.path = new ItemPathType(ItemPath.create(ShadowType.F_ATTRIBUTES, 'member'))
itemDelta.path = new ItemPathType(ItemPath.create(ShadowType.F_ATTRIBUTES, ATTR_MEMBER))
itemDelta.value.add(RawType.fromPropertyRealValue(subjectId, null, prismContext))
delta = new ObjectDeltaType()
delta.changeType = ChangeTypeType.MODIFY
delta.itemDelta.add(itemDelta)

added = midpoint
.getOptimizingTriggerCreator(TRIGGER_FIRE_AFTER, TRIGGER_SAFETY_MARGIN)
.createForNamedUser(subjectId)
log.info('Recompute trigger for {}: {}', subjectId, added ? 'added' : 'not added (already present or user not found)')
added = midpoint
.getOptimizingTriggerCreator(TRIGGER_FIRE_AFTER, TRIGGER_SAFETY_MARGIN)
.createForNamedUser(subjectId)
log.info('Recompute trigger for {}: {}', subjectId, added ? 'added' : 'not added (already present or user not found)')

return UcfChangeUtil.create(PLAIN_GROUP_OBJECT_CLASS, identifiers, delta, prismContext)
return UcfChangeUtil.create(GROUP_OBJECT_CLASS, identifiers, delta, prismContext)
} else if (eventType == 'GROUP_ADD' || eventType == 'GROUP_DELETE') {
groupName = esbEvent['name']
groupId = esbEvent['id']
@@ -142,16 +146,16 @@
return null
}
identifiers = new HashMap()
identifiers.put(ICFS_NAME, groupName)
identifiers.put(ICFS_UID, groupId)
identifiers.put(ATTR_NAME, groupName)
identifiers.put(ATTR_UUID, groupId)
ObjectDeltaType delta
if (eventType == 'GROUP_DELETE') {
delta = new ObjectDeltaType()
delta.changeType = ChangeTypeType.DELETE
} else {
delta = null
}
return UcfChangeUtil.create(PLAIN_GROUP_OBJECT_CLASS, identifiers, delta, prismContext)
return UcfChangeUtil.create(GROUP_OBJECT_CLASS, identifiers, delta, prismContext)
} else {
log.warn('Unsupported event type: {} -> {}', eventType, esbEvent)
return null
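Review bot: In the hunk at `@@ -110,29 +114,29 @@` the null-`subjectId` branch logs at INFO and prints only `sourceId`, while the null-`groupId` branch in the previous hunk logs the whole `esbEvent` at WARN, so a dropped membership message cannot be traced back to its group from the log. These lines appear to be re-indented by this commit anyway, so I would align them with `log.warn('Null subject ID in membership change message, ignoring it: {}', esbEvent)`. The `TRIGGER_FIRE_AFTER` and `TRIGGER_SAFETY_MARGIN` constants in the first hunk would also benefit from a `// milliseconds` comment, if that is the unit `getOptimizingTriggerCreator` expects. The script begins and ends outside these hunks.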
@@ -32,15 +32,15 @@
<rest:baseUrl>https://grouper-ws:443</rest:baseUrl>
<rest:username>banderson</rest:username>
<rest:password>password</rest:password>
<rest:superGroup>etc:sysadmingroup</rest:superGroup> <!-- parameter name will be changed -->
<rest:testStem>:</rest:testStem>
<!-- no testGroup: we cannot be sure that banderson is a member of sysadmingroup when doing the first test -->
<rest:exportStem>:</rest:exportStem>
<rest:groupIncludePattern>app:.*</rest:groupIncludePattern>
<rest:groupIncludePattern>test:.*</rest:groupIncludePattern>
<rest:groupIncludePattern>ref:.*</rest:groupIncludePattern>
<rest:groupExcludePattern>.*_(includes|excludes|systemOfRecord|systemOfRecordAndIncludes)</rest:groupExcludePattern>
<rest:subjectSource>ldap</rest:subjectSource>
<rest:groupSource>g:gsa</rest:groupSource>
<rest:ignoreSslValidation>true</rest:ignoreSslValidation>
<rest:exportStem>:</rest:exportStem>
</icfc:configurationProperties>
</connectorConfiguration>
<additionalConnector>
@@ -86,10 +86,10 @@
<objectType>
<kind>entitlement</kind>
<intent>group</intent>
<objectClass>ri:CustomPlainGroupObjectClass</objectClass>
<objectClass>ri:Group</objectClass>
<default>true</default>
<attribute>
<ref>icfs:name</ref>
<ref>ri:name</ref>
<inbound>
<strength>strong</strength>
<target>
@@ -139,7 +139,7 @@
<enabled>true</enabled>
<kind>entitlement</kind>
<intent>group</intent>
<objectClass>ri:CustomPlainGroupObjectClass</objectClass>
<objectClass>ri:Group</objectClass>
<focusType>OrgType</focusType>
<correlation>
<q:equal>
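Review bot: The connector configuration in the first hunk still carries `<rest:ignoreSslValidation>true</rest:ignoreSslValidation>` next to a literal `<rest:password>password</rest:password>`, so the `banderson` credentials are sent to `https://grouper-ws:443` without the server certificate being verified. The file lives under post-initial-objects and is presumably imported when the container first starts, and the commit edits this block without marking these values as demo-only. I would either set the value to `false` and add the Grouper WS certificate to midPoint's trust store, or put `<!-- demo only: TLS validation disabled and clear-text password; do not copy into a real deployment -->` above the two properties. The `connectorConfiguration` element opens outside the hunk.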
@@ -49,6 +49,10 @@
<level>INFO</level>
<package>com.evolveum.midpoint.model.impl.lens.Clockwork</package>
</classLogger>
<classLogger>
<level>DEBUG</level>
<package>com.evolveum.polygon.connector.grouper</package>
</classLogger>
<appender id="11" xsi:type="c:FileAppenderConfigurationType">
<pattern>%date [%X{subsystem}] [%thread] %level \(%logger\): %msg%n</pattern>
<name>MIDPOINT_LOG</name>
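Review bot: The added `classLogger` raises `com.evolveum.polygon.connector.grouper` to DEBUG in the system configuration that ships with the image, and nothing marks it as a temporary diagnostic. What the connector writes at DEBUG is not visible here; if it includes request URLs, subject identifiers or the configured credentials, they would end up in MIDPOINT_LOG on every deployment built from this file. I would add `<!-- diagnostic only: verbose Grouper connector logging; lower to INFO outside the demo -->` above the element, or keep the level at INFO. The enclosing logging element starts and ends outside the hunk.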
