grouper-dev - [grouper-dev] Re: [grouper-core] Re: [grouper-users] Change log issue
Subject: Grouper Developers Forum
List archive
- From: Tom Zeller <>
- To: Tim Darby <>
- Cc:
- Subject: [grouper-dev] Re: [grouper-core] Re: [grouper-users] Change log issue
- Date: Fri, 14 Jun 2013 08:00:05 -0500
- Authentication-results: sfpop-ironport05.merit.edu; dkim=pass (signature verified)
Could you run your test and reply with logs please ?
You'll need the psp log level set to debug. I am interested in the
deleteMembership changelog entry log lines.
On Thu, Jun 13, 2013 at 11:16 PM, Tim Darby
<>
wrote:
> The order is 3 privilege types, then deleteMembership, and lastly
> deleteGroup.
>
> Tim Darby
> The University of Arizona
> Mosaic, Systems Integration and Architecture
>
> UITS, Rm 335, 520-626-3799
>
>
> On Thu, Jun 13, 2013 at 7:58 PM, Tom Zeller
> <>
> wrote:
>>
>> Moving to grouper-dev.
>>
>> When a member group is deleted and the 5 change log entries are
>> created, is the deletion of the member group first or last ?
>>
>> In any case, the name of the member group being deleted *should* be
>> presented as the 'subjectName' of the deleteMembership changelog
>> entry.
>>
>> On Thu, Jun 13, 2013 at 4:16 PM, Tim Darby
>> <>
>> wrote:
>> > Any thoughts on this?
>> >
>> > On Tue, Jun 4, 2013 at 2:22 PM, Tim Darby
>> > <>
>> > wrote:
>> >>
>> >> I've looked into this a bit deeper and tell me if this makes any sense:
>> >>
>> >> - I delete a group that is a member of another group.
>> >> - This creates a change log temp entry which grouper daemon converts
>> >> into
>> >> 5 change log entries.
>> >> - When psp hits the change log entry for deleteMembership, what it
>> >> needs
>> >> at that point is the group name of the member group, however that name
>> >> appears nowhere in the change log entries.
>> >>
>> >> So how can it get the name?
>> >>
>> >> As far as I can tell there are only two places that name still exists
>> >> at
>> >> that point - the grouper_members table and the grouper_pit_groups
>> >> table. Is
>> >> there PSP resolver code that will get at those tables? Or is there
>> >> another
>> >> way to get that group name that I'm completely missing?
>> >>
>> >> On Thu, May 23, 2013 at 9:41 AM, Tim Darby
>> >> <>
>> >> wrote:
>> >>>
>> >>> Thanks, Tom, that makes a lot of sense. Could this be the issue? My
>> >>> config tries to calculate hasMember for a group using this code in
>> >>> psp-resolver:
>> >>>
>> >>> <!-- The value of the "changeLogMembershipGroupSubjectName"
>> >>> attribute
>> >>> is the name of the group member of a membership change
>> >>> log entry. -->
>> >>> <resolver:AttributeDefinition
>> >>> id="changeLogMembershipGroupSubjectName"
>> >>> xsi:type="ad:Script">
>> >>> <resolver:Dependency ref="AddMembershipChangeLogDataConnector" />
>> >>> <resolver:Dependency ref="DeleteMembershipChangeLogDataConnector"
>> >>> />
>> >>> <ad:Script><![CDATA[
>> >>> // Import Shibboleth attribute provider.
>> >>>
>> >>>
>> >>> importPackage(Packages.edu.internet2.middleware.shibboleth.common.attribute.provider);
>> >>>
>> >>> // Create the attribute to be returned.
>> >>> changeLogMembershipGroupSubjectName = new
>> >>> BasicAttribute("changeLogMembershipGroupSubjectName");
>> >>>
>> >>> // Return 'subjectName' attribute values if the 'sourceId'
>> >>> attribute is 'g:gsa'.
>> >>> if (typeof sourceId != "undefined" && sourceId != null ){
>> >>> if (sourceId.getValues().contains("g:gsa")) {
>> >>> if (typeof subjectName != "undefined" && subjectName
>> >>> !=
>> >>> null ){
>> >>>
>> >>>
>> >>> changeLogMembershipGroupSubjectName.getValues().add(subjectName.getValues().get(0));
>> >>> }
>> >>> }
>> >>> }
>> >>> ]]></ad:Script>
>> >>> </resolver:AttributeDefinition>
>> >>>
>> >>> Would this fail if the the member group is deleted before PSP tries to
>> >>> process deleteMembership?
>
>
- [grouper-dev] Re: [grouper-core] Re: [grouper-users] Change log issue, Tom Zeller, 06/13/2013
- [grouper-dev] Re: [grouper-core] Re: [grouper-users] Change log issue, Tim Darby, 06/14/2013
- [grouper-dev] Re: [grouper-core] Re: [grouper-users] Change log issue, Tom Zeller, 06/14/2013
- [grouper-dev] Re: [grouper-core] Re: [grouper-users] Change log issue, Tim Darby, 06/14/2013
- [grouper-dev] Re: [grouper-core] Re: [grouper-users] Change log issue, Tom Zeller, 06/14/2013
- Re: [grouper-dev] Re: [grouper-core] Re: [grouper-users] Change log issue, Shilen Patel, 06/14/2013
- Re: [grouper-dev] Re: [grouper-core] Re: [grouper-users] Change log issue, David Langenberg, 06/14/2013
- Re: [grouper-dev] Re: [grouper-core] Re: [grouper-users] Change log issue, Tom Zeller, 06/14/2013
- Re: [grouper-dev] Re: [grouper-core] Re: [grouper-users] Change log issue, Shilen Patel, 06/14/2013
- [grouper-dev] Re: [grouper-core] Re: [grouper-users] Change log issue, Tom Zeller, 06/14/2013
- [grouper-dev] Re: [grouper-core] Re: [grouper-users] Change log issue, Tim Darby, 06/14/2013
- [grouper-dev] Re: [grouper-core] Re: [grouper-users] Change log issue, Tom Zeller, 06/14/2013
- [grouper-dev] Re: [grouper-core] Re: [grouper-users] Change log issue, Tim Darby, 06/14/2013
Archive powered by MHonArc 2.6.16.