Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] Auto removal on groupA or groupB when "added" to groupC

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] Auto removal on groupA or groupB when "added" to groupC


Chronological Thread 
  • From: Chris Hyzer <>
  • To: Jeffrey Crawford <>
  • Cc: Gouper Users List <>
  • Subject: Re: [grouper-users] Auto removal on groupA or groupB when "added" to groupC
  • Date: Tue, 27 Oct 2015 01:00:05 -0400
  • Importance: normal
Are all the groups in one folder?   If it's 4 groups only forever then some rules might work.  Otherwise might need a hook and java logic. 

-------- Original message --------
From: Jeffrey Crawford
Date:10/26/2015 3:44 PM (GMT-05:00)
To: Chris Hyzer
Cc: Gouper Users List
Subject: Re: [grouper-users] Auto removal on groupA or groupB when "added" to groupC

This is more like a trigger. Let say you have 4 policies for a service:

policy1
policy2
policy3
policy4

The system can only map a user to a single policy. Since we are representing this with groups a member can only be a member of one of the above groups.

So if for example someone changes jobs and needs to move from policy1 to policy3, however the person managing the groups forgets to remove the user out of policy1 then they are a member of two policies, which can cause bad behavior. Therefore if grouper can trigger a job when a user is added to policy3 to make sure said member is removed if they exist in policy1 policy2 or policy4.

Both pilots and IT professionals require training and currency before charging into clouds!
---------------------------------------

On Mon, Oct 26, 2015 at 11:22 AM, Chris Hyzer <> wrote:

Can you give a more explicit example please?

 

Groups can be members of other groups.  i.e.

 

GroupA has GroupB as a member, and  GroupB has jsmith as a member

GroupA2 also has GroupB as a member, which also means jsmith is an effective member of GroupA2.

 

If you remove jsmith from GroupB, then jsmith will then not be an effective member of GroupA or GroupA2.  Is that what you want?

 

Thanks,

Chris

 

From: [mailto:] On Behalf Of Jeffrey Crawford
Sent: Monday, October 26, 2015 2:19 PM
To: Gouper Users List
Subject: [grouper-users] Auto removal on groupA or groupB when "added" to groupC

 

I know the RuleApi allows you to remove from groupA if removed from groupB, however we have a concept of "profiles" which require that a user is only a member of a single group in a particular series of groups.

I was wondering if you have such a concept since trying to remember to remove someone from a group if they are added to another group is error prone.


Jeffrey

 

Both pilots and IT professionals require training and currency before charging into clouds!

---------------------------------------



Archive powered by MHonArc 2.6.16.

Top of Page