add script to set provisioning on grouper groups

Workbench/grouper_daemon/container_files/conf/grouper.hibernate.properties

@@ -0,0 +1,30 @@
+#
+# Grouper Hibernate Configuration
+# $Id: grouper.hibernate.example.properties,v 1.9 2009-08-11 20:18:09 mchyzer Exp $
+#
+
+# The grouper hibernate config uses Grouper Configuration Overlays (documented on wiki)
+# By default the configuration is read from grouper.hibernate.base.properties
+# (which should not be edited), and the grouper.hibernate.properties overlays
+# the base settings.  See the grouper.hibernate.base.properties for the possible
+# settings that can be applied to the grouper.hibernate.properties
+
+########################################
+## DB settings
+########################################
+
+# e.g. mysql:           jdbc:mysql://localhost:3306/grouper
+# e.g. p6spy (log sql): [use the URL that your DB requires]
+# e.g. oracle:          jdbc:oracle:thin:@server.school.edu:1521:sid
+# e.g. hsqldb (a):      jdbc:hsqldb:dist/run/grouper;create=true
+# e.g. hsqldb (b):      jdbc:hsqldb:hsql://localhost:9001/grouper
+# e.g. postgres:        jdbc:postgresql://localhost:5432/database
+# e.g. mssql:           jdbc:sqlserver://localhost:3280;databaseName=grouper
+hibernate.connection.url = jdbc:mysql://grouper_data:3306/grouper?CharSet=utf8&useUnicode=true&characterEncoding=utf8
+
+hibernate.connection.username         = grouper
+# If you are using an empty password, depending upon your version of
+# Java and Ant you may need to specify a password of "".
+# Note: you can keep passwords external and encrypted: https://bugs.internet2.edu/jira/browse/GRP-122
+hibernate.connection.password = password
+

Workbench/grouper_daemon/container_files/conf/grouper.properties

@@ -0,0 +1,25 @@
+#
+# Grouper Configuration
+# $Id: grouper.example.properties,v 1.48 2009-12-16 06:02:30 mchyzer Exp $
+#
+
+# Grouper uses Grouper Configuration Overlays (documented on wiki)
+# By default the configuration is read from grouper.base.properties
+# (which should not be edited), and the grouper.properties overlays
+# the base settings.  See the grouper.base.properties for the possible
+# settings that can be applied to the grouper.properties
+
+#if groups like the wheel group should be auto-created for convenience (note: check config needs to be on)
+configuration.autocreate.system.groups = true
+
+# A wheel group allows you to enable non-GrouperSystem subjects to act
+# like a root user when interacting with the registry.
+groups.wheel.use                      = true
+
+# Set to the name of the group you want to treat as the wheel group.
+# The members of this group will be treated as root-like users.
+groups.wheel.group                    = etc:sysadmingroup
+
+# Used to allow Include Exclude groups
+grouperIncludeExclude.use = true
+grouperIncludeExclude.requireGroups.use = true

Workbench/grouper_data/Dockerfile

@@ -33,7 +33,8 @@ RUN mysql_install_db \
 RUN (mysqld_safe & ) \
     && while ! curl -s localhost:3306 > /dev/null; do echo waiting for mysqld to start; sleep 1; done; \
     /opt/grouper/grouperWebapp/WEB-INF/bin/gsh.sh -registry -check -runscript -noprompt && \
-    /opt/grouper/grouperWebapp/WEB-INF/bin/gsh.sh /tmp/initialize.gsh
+    /opt/grouper/grouperWebapp/WEB-INF/bin/gsh.sh /tmp/initialize.gsh && \
+    /opt/grouper/grouperWebapp/WEB-INF/bin/gsh.sh /tmp/set-prov.gsh
 
 EXPOSE 3306
 

Workbench/grouper_data/container_files/bootstrap/initialize.gsh

@@ -9,8 +9,16 @@ addStem("", "org", "org")
 addStem("", "test", "test")
 
 addRootStem("ref", "ref")
-addStem("ref", "course", "course")
-addStem("ref", "affiliation", "affiliation")
+addStem("ref", "course", "Course")
+addStem("ref", "dept", "Department")
+addStem("ref", "affiliation", "Affiliation")
+
+new GroupSave().assignName("ref:affiliation:alum").assignDisplayName("Alumni").assignCreateParentStemsIfNotExist(true).save();
+new GroupSave().assignName("ref:affiliation:community").assignDisplayName("Community").assignCreateParentStemsIfNotExist(true).save();
+new GroupSave().assignName("ref:affiliation:faculty").assignDisplayName("Faculty").assignCreateParentStemsIfNotExist(true).save();
+new GroupSave().assignName("ref:affiliation:member").assignDisplayName("Member").assignCreateParentStemsIfNotExist(true).save();
+new GroupSave().assignName("ref:affiliation:staff").assignDisplayName("Staff").assignCreateParentStemsIfNotExist(true).save();
+new GroupSave().assignName("ref:affiliation:student").assignDisplayName("Student").assignCreateParentStemsIfNotExist(true).save();
 
 group = GroupFinder.findByName(gs, "etc:sysadmingroup", true)
 group.getAttributeDelegate().assignAttribute(LoaderLdapUtils.grouperLoaderLdapAttributeDefName()).getAttributeAssign()

Workbench/grouper_data/container_files/bootstrap/set-prov.gsh

@@ -0,0 +1,37 @@
+
+provisioner_name="midPoint";
+GrouperSession grouperSession = GrouperSession.startRootSession();
+
+def setProvOnStem(grouperSession,provisioner_name,folder_name) {
+  AttributeAssign attributeAssignMarker = null;
+  attributeAssignMarker = new AttributeAssignSave(grouperSession).assignOwnerStemName(folder_name).assignNameOfAttributeDefName("etc:provisioning:provisioningMarker").save();
+  new AttributeAssignSave(grouperSession).assignOwnerAttributeAssign(attributeAssignMarker).assignNameOfAttributeDefName("etc:provisioning:provisioningDirectAssign").addValue("true").save();
+  new AttributeAssignSave(grouperSession).assignOwnerAttributeAssign(attributeAssignMarker).assignNameOfAttributeDefName("etc:provisioning:provisioningDoProvision").addValue(provisioner_name).save();
+  new AttributeAssignSave(grouperSession).assignOwnerAttributeAssign(attributeAssignMarker).assignNameOfAttributeDefName("etc:provisioning:provisioningStemScope").addValue("sub").save();
+  new AttributeAssignSave(grouperSession).assignOwnerAttributeAssign(attributeAssignMarker).assignNameOfAttributeDefName("etc:provisioning:provisioningTarget").addValue(provisioner_name).save();
+  new AttributeAssignSave(grouperSession).assignOwnerAttributeAssign(attributeAssignMarker).assignNameOfAttributeDefName("etc:provisioning:provisioningMetadataJson").addValue("{\"md_trim_prefix\":\"whatever\",\"md_entityId\":\"theEntityId\"}").save();
+
+}
+
+def setProvOnGroup(grouperSession,provisioner_name,group_name) {
+  AttributeAssign attributeAssignMarker = null;
+  attributeAssignMarker = new AttributeAssignSave(grouperSession).assignOwnerGroupName(group_name).assignNameOfAttributeDefName("etc:provisioning:provisioningMarker").save();
+  new AttributeAssignSave(grouperSession).assignOwnerAttributeAssign(attributeAssignMarker).assignNameOfAttributeDefName("etc:provisioning:provisioningDirectAssign").addValue("true").save();
+  new AttributeAssignSave(grouperSession).assignOwnerAttributeAssign(attributeAssignMarker).assignNameOfAttributeDefName("etc:provisioning:provisioningDoProvision").addValue(provisioner_name).save();
+  new AttributeAssignSave(grouperSession).assignOwnerAttributeAssign(attributeAssignMarker).assignNameOfAttributeDefName("etc:provisioning:provisioningStemScope").addValue("sub").save();
+  new AttributeAssignSave(grouperSession).assignOwnerAttributeAssign(attributeAssignMarker).assignNameOfAttributeDefName("etc:provisioning:provisioningTarget").addValue(provisioner_name).save();
+  new AttributeAssignSave(grouperSession).assignOwnerAttributeAssign(attributeAssignMarker).assignNameOfAttributeDefName("etc:provisioning:provisioningMetadataJson").addValue("{\"md_trim_prefix\":\"whatever\",\"md_entityId\":\"theEntityId\"}").save();
+
+}
+
+setProvOnStem(grouperSession,provisioner_name,"app")
+setProvOnStem(grouperSession,provisioner_name,"test")
+setProvOnStem(grouperSession,provisioner_name,"ref:dept")
+setProvOnStem(grouperSession,provisioner_name,"ref:course")
+setProvOnGroup(grouperSession,provisioner_name,"ref:affiliation:alum")
+setProvOnGroup(grouperSession,provisioner_name,"ref:affiliation:community")
+setProvOnGroup(grouperSession,provisioner_name,"ref:affiliation:faculty")
+setProvOnGroup(grouperSession,provisioner_name,"ref:affiliation:member")
+setProvOnGroup(grouperSession,provisioner_name,"ref:affiliation:staff")
+setProvOnGroup(grouperSession,provisioner_name,"ref:affiliation:student")
+

Workbench/midpoint_server/container_files/mp-home/post-initial-objects/resources/100-grouper-new.xml

@@ -323,7 +323,8 @@
                 <cap:host>
                     <cap:type>connector</cap:type>
                 </cap:host>
-            </cap:script>
+	    </cap:script>
+	    <cap:liveSync/>
         </native>
     </capabilities>
 </resource>

Workbench/midpoint_server/container_files/mp-home/post-initial-objects/tasks/600-task-import-grouper-groups.xml

@@ -42,13 +42,15 @@
     <ownerRef oid="e897468f-20bd-419c-8fc5-1fe60e2600de" relation="org:default" type="c:UserType">
         <!-- banderson -->
     </ownerRef>
-    <executionState>suspended</executionState>
-    <schedulingState>suspended</schedulingState>
+    <executionStatus>runnable</executionStatus>
     <category>ImportingAccounts</category>
     <objectRef oid="fb0bbf07-e33f-4ddd-85a1-16a7edc237f2" relation="org:default" type="c:ResourceType">
         <!-- Source: Groups-New -->
     </objectRef>
     <binding>loose</binding>
+    <schedule>
+        <interval>600</interval>
+    </schedule>
     <activity>
         <work>
             <import>

Workbench/midpoint_server/container_files/mp-home/post-initial-objects/tasks/620-task-import-grouper-subjects.xml

@@ -42,13 +42,15 @@
     <ownerRef oid="e897468f-20bd-419c-8fc5-1fe60e2600de" relation="org:default" type="c:UserType">
         <!-- banderson -->
     </ownerRef>
-    <executionState>suspended</executionState>
-    <schedulingState>suspended</schedulingState>
+    <executionStatus>runnable</executionStatus>
     <category>ImportingAccounts</category>
     <objectRef oid="fb0bbf07-e33f-4ddd-85a1-16a7edc237f2" relation="org:default" type="c:ResourceType">
         <!-- Source: Groups-New -->
     </objectRef>
     <binding>loose</binding>
+    <schedule>
+        <interval>600</interval>
+    </schedule>
     <activity>
         <work>
             <import>