grouperNewDataModel.adoc
grouper_subject_source
id_index
name
id
descriptiongrouper_members
Existing table can be stripped down since data is in the entity tables
id (012)
idIndex
subjectType (group / person / app / thing)
search strings
sort strings
resolvablegrouper_members_identifiers
Make sure identifiers. (hopefully unique)
When subjects are looked up, it can be a two part process (instead of N-part for N subject sources).
Look at groups in group table, Look at grouper local entities in group table (maybe move to entities table) Look at subjects (including GrouperSystem, users, apps, things) in the data_field tables based on data fields that are marked as identifiers Perhaps make external calls if configured
id (737)
member_id (012)
subject_identifier_value (12345678) (indexed non unique)
data_field_idUnique index on data_field_id / subject_identifier_value tuple
grouper_data_field
Types of data fields for user or rows
Users:
id (234)
system_name (emailAddress)
display_name (Email)
data_type (boolean, string, integer)
type (user)
multi_valued? false
description
viewable_by_group_id abc123
is_identifier? true
access_related? false
stored_locally? true
stored_in_pit? true
pit_retenion: 5 * 365
group_can_see: ref:staff
from_sole_source: my_people
calculated: false
dynamic: falseRow
id (567)
system_name (org)
display_name (Org)
data_type (boolean, string, integer)
type (row)
multi_valued: true
description
viewable_by_group_id xyz234
is_identifier? false
access_related? true
stored_locally? true
pit_retention: 5*365
group_can_see: ref:powerUsers
from_sole_source: my_payroll
calculated: false
dynamic: falsegrouper_data_row
Type of data field rows available for users
id (123)
system_name (affiliation)
display_name (Affiliation)
description
viewable_by_group_id xyz234grouper_data_row_field
Which fields are in which rows
id (538)
grouper_data_row_id (012)
grouper_data_field_id (567)grouper_data_member_field
Assignment of a data field to an entity. When data is synced to the data field tables it will need to do some matching and assign a new grouper_members row if existing not found
id (480)
member_id (012)
grouper_data_field_id (234)
value_id (789)grouper_data_member_changelog
Events that happen to data fields to be processed by loaders/provisioners/etc. Keep data for a week then delete
id (480)
member_id (012)
grouper_data_field_id (234)
old_value_id
new_value_id
date
action
grouper_data_row_id (123)grouper_data_member_field_pit
History of data field to entity
id (480)
member_id (012)
grouper_data_field_id (234)
value_id (789)
started_on 1/2/3
ended_ongrouper_data_member_row
Assignment of a row of data to an entity
id (321)
member_id (012)
grouper_data_row_id (123)grouper_data_member_row_pit
History of assignment of a row of data to an entity
id (321)
member_id (012)
grouper_data_row_id (123)
started_on 1/2/3
ended_ongrouper_data_member_row_field
Assignment of a field to a row assignment
id (637)
grouper_data_row_field_id (538)
value_id (654)grouper_data_member_row_field_pit
History of assignment of a field to a row assignment
id (637)
grouper_data_row_field_id (538)
value_id (654)
started_on 4/5/2021
ended_ongrouper_dictionary
Keep data field values here to reduce data redundancy
id (789)
value (a@b.c)
id (654)
value (math)grouper_data_field_sec_group_mem_cache
Cache these memberships so lookups are fast. Cache this in memory too for long running processes. The groups that are cached are... any groups that secure fields, any groups that secure rows, etc
id
sec_group_id
mem_id_indexgrouper_data_field_row_sec
Row level security for data
id (941)
grouper_data_field_id (234)
group_id_of_result_member
viewable_by_group_id rst567grouper_data_field_row_pop_group
id
group_id_of_result_member
viewable_by_group_id rst567