Skip to Content.
Sympa Menu

grouper-dev - attribute scoping

Subject: Grouper Developers Forum

List archive

attribute scoping


Chronological Thread 
  • From: Chris Hyzer <>
  • To: Grouper Dev <>
  • Subject: attribute scoping
  • Date: Fri, 30 Apr 2010 15:40:10 -0400
  • Accept-language: en-US
  • Acceptlanguage: en-US

Hey,

 

https://bugs.internet2.edu/jira/browse/GRP-424

 

This is done:

https://spaces.internet2.edu/display/GrouperWG/v1.6+Grouper+attribute+scoping

Grouper attributes in the new attribute framework can be scoped so they can only be assigned to certain owners (besides the type of assignment, permissions, etc).

 

Note: this is one of the remaining gaps to convert from the old group attributes to the new attribute framework attributes.  The last gap I believe is UI support to read/assign/unassign attributes…

 

To be able to assign a scope the caller needs admin on the attributeDef, and perhaps rights on the object being tied to…

There are the following scope types:

    * attributeDefNameIdAssigned: This is similar to the previous grouper attribute "typing" where you can only assign this attribute type to objects which already have another attribute assigned. So if the original attribute is a "type", then that will be have to assigned first. Use this like this:

//attributeDefAttr is the attribute which is dependent on the type being assigned
//attributeDefTypeAttr is the "type" which must be on the owner of the attribute
//for the attribute to be assigned
attributeDefAttr.getAttributeDefScopeDelegate().assignTypeDependence(attributeDefTypeName);

    * inStem: The owner (group, stem, attributeDef) must be in a certain stem (directly)

attributeDefAttr.getAttributeDefScopeDelegate().assignStemScope(stem2);

    * nameLike: The owner (group, stem, attributeDef) must match a SQL like string. e.g. to do substem matching

attributeDefType.getAttributeDefScopeDelegate().assignStemSubScope(stem2);

    * You can also scope by owner name, id, subjectSourceId

Example of attribute type

Here is an attribute type, and a dependent attribute definition, in GSH

//create type
grouperSession = GrouperSession.startRootSession();
stemType = new StemSave(grouperSession).assignName("testStemType").assignStemNameToEdit("testStemType").save();
typeDef = stemType.addChildAttributeDef("typeDef", AttributeDefType.type);
typeDef = AttributeDefFinder.findByName("testStemType:typeDef", true);
typeDef.setAssignToGroup(true);
typeDef.store();
typeDefName = stemType.addChildAttributeDefName(typeDef, "typeDefName", "typeDefName");
typeDefName = AttributeDefNameFinder.findByName("testStemType:typeDefName", true);

//create attr
stemAttr = new StemSave(grouperSession).assignName("testStemAttr").assignStemNameToEdit("testStemAttr").save();
attrDef = stemAttr.addChildAttributeDef("attrDef", AttributeDefType.attr);
attrDef = AttributeDefFinder.findByName("testStemAttr:attrDef", true);
attrDef.setAssignToGroup(true);
attrDef.store();
attrDefName = stemAttr.addChildAttributeDefName(attrDef, "attrDefName", "attrDefName");
attrDefName = AttributeDefNameFinder.findByName("testStemAttr:attrDefName", true);

//link the attr with the type so without the type assigned, the attr cannot be assigned
attrDef.getAttributeDefScopeDelegate().assignTypeDependence(typeDefName);


Note: this is in the new export/import functionality for 1.6
Note: in the future we need to add methods to find attributes that can be assigned to a certain owner, need to search by criteria, security, and scope
Note: this is only at assign time, if you change a scope, there is no way to adjust existing assignments

 

Regards,

Chris


  • attribute scoping, Chris Hyzer, 04/30/2010

Archive powered by MHonArc 2.6.16.

Top of Page