managed/user repository, usecase1

This topic has 5 replies, 2 voices, and was last updated 6 years, 1 month ago by Morten Lømo.

  • Author
    Posts
  • #4894
     Morten Lømo
    Participant

    I use MySQL as repository. Then I run usecase1. I run the curl command to reconciliate users from OpenDJ to OpenIDM. The contents of the database for one of the users looks like this:

    mysql> select * from managedobjects;
    ..
    | 11 | 4 | user.1 | 0 | {“manager”:{“displayName”:”user.0″,”$ref”:”/managed/user/user.0″,”managerId”:”user.0″},”passwordAttempts”:”0″,”department”:”Human Resources”,”address1″:”70110 Fourth Street”,”address2″:””,”givenName”:”Aaren”,”effectiveRoles”:[“openidm-authorized”],”password”:{“$crypto”:{“value”:{“data”:”6ikd0xXS0WFjD6YhWqXbNQ==”,”cipher”:”AES/CBC/PKCS5Padding”,”iv”:”Le0amoP0dwbuQxgcHxHkZw==”,”key”:”openidm-sym-default”},”type”:”x-simple-encryption”}},”userType”:”employee”,”city”:”New Haven”,”lastPasswordSet”:”2015-07-27T19:52:18.346Z”,”title”:null,”postalCode”:”93694″,”_id”:”user.1″,”accountStatus”:”active”,”stateProvince”:”OH”,”userName”:”user.1″,”mail”:”[email protected]”,”sn”:”Atp”,”accounts”:[“Business”],”lastPasswordAttempt”:”Mon Jul 27 2015 21:52:18 GMT+0200 (CEST)”,”country”:””,”_rev”:”0″,”telephoneNumber”:”+1 680 734 6300″,”roles”:[“openidm-authorized”],”effectiveAssignments”:{},”postalAddress”:””,”employeeNumber”:”1″,”displayName”:”Aaren Atp”}
    ..
    23 rows in set (0.00 sec)

    When I look at the sync.json file, I can see that the list of Properties in the file is a subset of the contents of the fullobject column in the database (above). This also agrees with the OpenIDM documentation which says the same thing: ” The contents of the properties table is a subset of the properties in the fullobject column of the main table.”

    I was wandering: Where do you define the contents of the fullobject column? I.e. the list of attributes that goes into a fullobject entry. Mapping in the sync.json file only gives you half the answer as it only contains a subset of all the attributes.

    #4904
     Morten Lømo
    Participant

    Example: the attributes “country”and “postalAddress” are contained in the fullobject column in the database but not in sync.json. How does OpenIDM know that it should store “country” and “postalAddress” in fullobject?

    • This reply was modified 6 years, 1 month ago by Morten Lømo.
    #4924
     laurent.bristiel
    Participant

    You are right, “country” and “postalAdress” are not part of the mapping defined in sync.json.
    Those properties are created by the script called in managed.json:

    { "objects" : [
            {
                "name" : "user",
                "onCreate" : {
                    "type" : "text/javascript",
                    "file" : "ui/onCreate-user-set-default-fields.js"
                }, (...)

    This means that whenever a manager user is created, the script ui/onCreate-user-set-default-fields.js is called. And this script contains:

    if (!object.postalAddress) {
        object.postalAddress = "";
    }
    
    if (!object.country) {
        object.country = "";
    }

    There are explanations about this mechanism in the integrator’s guide.
    See the “Managed Objects” section for example.

    #4926
     Morten Lømo
    Participant

    Thanks. I find the onCreate..file in two places:

    openidm/bin/defaults/script/ui/onCreate-user-set-default-fields.js
    openidm/samples/workflow/script/onCreate-user-set-default-fields.js

    1. I guess its the first one that is used for usecase1. Am I correct?

    2. If I startup OpenIDM with ./startup.sh -p samples/workflow, will OpenIDM pick the other one?

    #4927
     laurent.bristiel
    Participant

    yes and yes.
    the order in which the script folders are searched for is explained here.

    "sources" : {
        "default" : {
            "directory" : "&{launcher.install.location}/bin/defaults/script"
        },
        "install" : {
            "directory" : "&{launcher.install.location}"
        },
        "project" : {
            "directory" : "&{launcher.project.location}"
        },
        "project-script" : {
            "directory" : "&{launcher.project.location}/script"
        }

    “The order in which locations are listed in the “sources” property is important. Scripts are loaded from the bottom up in this list, that is, scripts found in the last location on the list are loaded first.”

    #4928
     Morten Lømo
    Participant

    Thanks. Now I understand :-)
    Morten

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.

©2021 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?