Grouper Users - Open Discussion List

["Waldbieser, Carl" <>]

Jeff,

I have a Jython script I wrote that sets up or edits loader jobs.  I use 
Grouper Shell Wrappers [1] so that I can use a scripting language I prefer 
over straight GSH, but it isn't hard to translate from one language to 
another.  Learning the API is the tricky part.

I attached "loader_tools.py" (not sure if the list will accept the 
attachment).  It does reference `jython_grouper`, which is just part of the 
shell wrapper.  It provides functions like `getRootSession()` or 
`findSubject()`.

I am guessing that `g.getAttribute()` would read the attributes you want.

Thanks,
Carl Waldbieser
ITS Systems Programmer
Lafayette College

[1] https://github.com/wgthom/groovysh4grouper

----- Original Message -----
From: "Jeffrey Crawford" 
<>
To: "Hyzer, Chris" 
<>
Cc: "Gouper Users List" 
<>
Sent: Wednesday, February 17, 2016 2:41:40 PM
Subject: Re: [grouper-users] Listing existing attributes in grouper Shell

Something like the following:

grouperSession = GrouperSession.startRootSession();
getGroupAttrs("org:path:loader:group");
  grouper_loader_LDAP = "enabled", ""
  grouper_loader_LDAP_Type = "enabled", "LDAP_SOMPLE"
  grouper_loader_LDAP_Filter = "enabled", "(accountStatus=Active)"
  grouper_loader_LDAP_Quartz_Cron = "enabled", "0 0/6 9-18 * * ?"
  grouper_loader_LDAP_search_base_DN = "enabled", "ou=People"
  grouper_loader_LDAP_server_ID = "enabled", "ldap-source"
  grouper_loader_LDAP_source_ID = "enabled", "iamsystem"
  grouper_loader_LDAP_subject_attribute_name = "enabled", "uidNumber"

Then call the following to set a new schedule:
setGroupAttr("org:path:loader:group", "grouper_loader_LDAP_Quartz_Cron",
"enabled", "0 1/6 9-18 * * ?");


Jeffrey 
<>

Both pilots and IT professionals require training and currency before
charging into clouds!
---------------------------------------

On Wed, Feb 17, 2016 at 8:10 AM, Hyzer, Chris 
<>
 wrote:

> Send me some pseudo code (pretend methods as you think they should exist)
> of what you want to do
>
>
>
> Thanks
>
> Chris
>
>
>
> *From:* Jeffrey Crawford 
> [mailto:]
> *Sent:* Wednesday, February 17, 2016 10:38 AM
>
> *To:* Hyzer, Chris 
> <>
> *Cc:* Gouper Users List 
> <>
> *Subject:* Re: [grouper-users] Listing existing attributes in grouper
> Shell
>
>
>
> This is not exactly doing what I had hoped. Basically I'm looking to
> programmatically read attributes on groups that are loader jobs (some SQL
> some are LDAP), and then change what I want.
>
> I'm sure I'm asking the wrong question here :)
>
>
> Jeffrey E. Crawford
> ITS Application Administrator (IdM)
> 831-459-4365
> 
>
>
>
> Both pilots and IT professionals require training and currency before
> charging into clouds!
>
> ---------------------------------------
>
>
>
> On Fri, Feb 12, 2016 at 7:13 AM, Hyzer, Chris 
> <>
> wrote:
>
> See the attributeDelegate…  this is from a test case
>
>
>
>
> assertTrue(group0.getAttributeDelegate().hasAttribute(attributeDefName0));
>
>     List<String> values =
> group0.getAttributeValueDelegate().retrieveValuesString(attributeDefName0.getName());
>
>     assertEquals(2, values.size());
>
>     assertTrue(values.contains("A"));
>
>     assertTrue(values.contains("B"));
>
>
>
> also
>
>
>
> group0.getAttributeDelegate().retrieveAttributes()
>
>
>
>
>
>
>
>
>
> *From:* Jeffrey Crawford 
> [mailto:]
> *Sent:* Friday, February 12, 2016 1:41 AM
> *To:* Hyzer, Chris 
> <>
> *Cc:* Gouper Users List 
> <>
> *Subject:* Re: [grouper-users] Listing existing attributes in grouper
> Shell
>
>
>
> sorry ask the question and then lost track. I'm using grouper shell. I
> wanted to see the current values and then set new schedule settings via the
> shell.
>
>
> Jeffrey E. Crawford
> ITS Application Administrator (IdM)
> 831-459-4365
> 
>
>
>
> Both pilots and IT professionals require training and currency before
> charging into clouds!
>
> ---------------------------------------
>
>
>
> On Wed, Feb 10, 2016 at 8:29 AM, Hyzer, Chris 
> <>
> wrote:
>
> Is this for a WS call or an API call?  What are you trying to do?  Do you
> want values too or just see if an attribute is assigned?
>
>
>
> *From:* 
> 
>  [mailto:
> ]
>  *On Behalf Of *Jeffrey Crawford
> *Sent:* Friday, February 05, 2016 3:20 PM
> *To:* Gouper Users List 
> <>
> *Subject:* [grouper-users] Listing existing attributes in grouper Shell
>
>
>
> I've see getGroupAttr but is there something like getGroupAttrs which
> lists the attributes that exist on a group entry?
>
>
> Jeffrey
>
> C.
>
>
>
>
>
> Both pilots and IT professionals require training and currency before
> charging into clouds!
>
> ---------------------------------------
>
>
>
>
>
import jython_grouper
from edu.internet2.middleware.grouper.app.loader.ldap import LoaderLdapUtils
from edu.internet2.middleware.grouper.app.loader import GrouperLoader
from edu.internet2.middleware.grouper import GroupTypeFinder       

def connect_group_to_sql_source(session, group_name, db_id, query, **kwds):
    """
    :param `session`: A Grouper session.
    :param `group_name`: A grouper group name.
    :param `db_id`: The database identifier from `grouper-loader.properties`.
    :param `query`: SQL query with result columns `subject_id` and `subject_source_id`. 
    :param `cron`: Optional Quartz cron schedule.  Default: '0 0 0 * * ?'.

    Returns the Grouper group that was connected to the SQL source.
    """
    cron = kwds.get("cron", "0 0 0 * * ?")
    g = jython_grouper.getGroup(session, group_name)
    t = GroupTypeFinder.find("grouperLoader", True)
    g.addType(t)
    g.setAttribute("grouperLoaderDbName", db_id)
    g.setAttribute("grouperLoaderQuartzCron", cron)
    g.setAttribute("grouperLoaderQuery", query)
    g.setAttribute("grouperLoaderScheduleType", "CRON")                                            
    g.setAttribute("grouperLoaderType", "SQL_SIMPLE")  
    return g

def edit_group_sql_source(session, group_name, **kwds):
    """
    Edit the properties of a SQL connected group.

    :param `session`: A Grouper session.
    :param `group_name`: A grouper group name.
    :param `db_id`: Optional.  The database identifier from `grouper-loader.properties`.
    :param `query`: Optional.  SQL query with result columns `subject_id` and `subject_source_id`. 
    :param `cron`:  Optional Quartz cron schedule.
    """
    cron = kwds.get("cron", None)
    db_id = kwds.get("db_id", None)
    query = kwds.get("query", None)
    g = jython_grouper.getGroup(session, group_name)
    if db_id is not None:
        g.setAttribute("grouperLoaderDbName", db_id)
    if cron is not None:
        g.setAttribute("grouperLoaderQuartzCron", cron)
    if query is not None:
        g.setAttribute("grouperLoaderQuery", query)
    return g

def connect_group_to_ldap_source(session, group_name, ldap_base_dn, ldap_group_filter, **kwds):
    """
    :param `session`: A Grouper session.
    :param `group_name`: A grouper group name.
    :param `ldap_base_dn`: The base DN from which to search for the LDAP group.
    :param `ldap_group_filter`: An LDAP filter that will result in a single group being returned. 
    :param `cron`: Optional Quartz cron schedule.  Default: '0 0 0 * * ?'.
    :param `server_id`: Optional LDAP server ID.  Default: 'personLdap'.
    :param `subj_attrib_name`: Optional subject attribute name.  Default: 'member'.
    :param `subj_id_type`: Optional subject ID type.  Default: 'subjectIdentifier'.

    Returns the Grouper group that was connected to LDAP.
    """
    server_id = kwds.get("server_id", "personLdap")
    subj_attrib_name = kwds.get("subj_attrib_name", "member")
    subj_id_type = kwds.get("subj_id_type", "subjectIdentifier")
    cron = kwds.get("cron", "0 0 0 * * ?")
    
    group = jython_grouper.getGroup(session, group_name)

    attrib_delegate = group.getAttributeDelegate()
    attr_def_name = LoaderLdapUtils.grouperLoaderLdapAttributeDefName() 
    result = attrib_delegate.assignAttribute(attr_def_name)
    attrib_assign = result.getAttributeAssign()
    attr_value_delegate = attrib_assign.getAttributeValueDelegate()
    attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapTypeName(), "LDAP_SIMPLE")
    attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapFilterName(), ldap_group_filter)   
    attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapQuartzCronName(), cron) 
    attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapSearchDnName(), ldap_base_dn)
    attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapServerIdName(), server_id) 
    attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapSubjectAttributeName(), subj_attrib_name)    
    attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapSubjectIdTypeName(), subj_id_type)
    attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapErrorUnresolvableName(), "false")            
    attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapSubjectExpressionName(), '''${loaderLdapElUtils.convertDnToSpecificValue(subjectId)}''')
    return group

def run_loader_for_group(session, group):
    """
    Run the Grouper Loader once for a connected group.

    :param `session`: A Grouper session.
    :param `group`: A grouper group object.
    """
    GrouperLoader.runJobOnceForGroup(session, group)

def edit_group_ldap_source(session, group_name, **kwds):
    """
    :param `session`: A Grouper session.
    :param `group_name`: A grouper group name.
   
    Optional Parameters: 
    :param `ldap_type`: "LDAP_SIMPLE", etc.
    :param `server_id`:
    :param `subj_attrib_name`:
    :param `subj_id_type`: One of "subjectIdentifier", "subjectId".
    :param `ldap_group_filter`: LDAP filter that selects the group.
    :param `ldap_base_dn`: LDAP base DN to which filter is applied.
    :param `cron`: Quartz cron schedule string (e.g. "0 0 0 * * ?").
    :param `error_on_unresolvable_name`: Boolean.
    :param `subj_expr_name`: Jexl expression for extracting subject name.

    Returns the Grouper group that was connected to LDAP.
    """
    ldap_type = kwds.get("ldap_type", None)
    server_id = kwds.get("server_id", "personLdap")
    subj_attrib_name = kwds.get("subj_attrib_name", "member")
    subj_id_type = kwds.get("subj_id_type", "subjectIdentifier")
    cron = kwds.get("cron", None)
    error_on_unresolvable_name = kwds.get("error_on_unresolvable_name", None)
    subj_expr_name = kwds.get("subj_expr_name", None)
    ldap_group_filter = kwds.get('ldap_group_filter', None)
    ldap_base_dn = kwds.get('ldap_base_dn', None)
 
    group = jython_grouper.getGroup(session, group_name)

    attrib_delegate = group.getAttributeDelegate()
    attr_def_name = LoaderLdapUtils.grouperLoaderLdapAttributeDefName() 
    result = attrib_delegate.assignAttribute(attr_def_name)
    attrib_assign = result.getAttributeAssign()
    attr_value_delegate = attrib_assign.getAttributeValueDelegate()
    if ldap_type is not None:
        attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapTypeName(), "LDAP_SIMPLE")
    if ldap_group_filter is not None:
        attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapFilterName(), ldap_group_filter)   
    if cron is not None:
        attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapQuartzCronName(), cron) 
    if ldap_base_dn is not None:
        attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapSearchDnName(), ldap_base_dn)
    if server_id is not None:
        attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapServerIdName(), server_id) 
    if subj_attrib_name is not None:
        attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapSubjectAttributeName(), subj_attrib_name)    
    if subj_id_type is not None:
        attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapSubjectIdTypeName(), subj_id_type)
    if error_on_unresolvable_name is not None:
        if error_on_unresolvable_name:
            value = "true"
        else:
            value = "false"
        attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapErrorUnresolvableName(), false)            
    if subj_expr_name is not None:
        attr_value_delegate.assignValue(LoaderLdapUtils.grouperLoaderLdapSubjectExpressionName(), subj_expr_name)

    return group