Uploaded image for project: 'MidPoint'
  1. MidPoint
  2. MID-2203

Focus mappings, object template and schema handling mapping problem when handling null

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Reviewed
    • Affects Version/s: 3.1 (Sinan)
    • Fix Version/s: 3.1.1
    • Component/s: None
    • Labels:
      None

      Description

      Scenario: I have a metarole, which is automatically assigned to roles of certain roleType. The role contains focus mapping (1) and when assigned to the user, user attribute is set to TRUE. When the role is unassigned, I want the attribute to be set to FALSE, which is done by using weak mapping in object template (because unassigning the role would set it to null).

      Also this attribute is being provisioned to LDAP. So I want to assign role, which sets the attribute to TRUE and provisions to LDAP as TRUE value. When removing role, I want the attribute to be FALSE in midPoint User and also in resource (LDAP).

      Setting to TRUE works, setting to FALSE does NOT work. I.e. unassigning the role will set the user attribute to FALSE (in weak mapping in object template), but the attribute will be removed from LDAP account, I suppose because the value was set to null meanwhile.

      This might be some kind of ordering/dependency of mappings between role focus mapping, user template and schema handling ...

      1. role has following mapping:

          <inducement>
              <focusMappings>
                  <mapping>
                      <authoritative>true</authoritative>
                      <expression>
                          <value>TRUE</value>
                      </expression>
                      <target>
                          <path>$user/extension/ext:customStatusUP</path>
                      </target>
                  </mapping>
              </focusMappings>
              <focusType>c:UserType</focusType>
              <order>2</order>
      	<condition>
      		<source>
      			<path>$immediateRole/roleType</path>
      		</source>
      		<expression>
      			<script>
      				<code>roleType == 'jobTitleUP'</code>
      			</script>
      		</expression>
      	</condition>
          </inducement>
      

      2. user template has the following mapping:

          <mapping>
          	<name>Default customStatusUP (FALSE)</name>
              <strength>weak</strength>
          	<expression>
                 <value>FALSE</value>
          	</expression>
            	<target>
          		<path>$user/extension/ext:customStatusUP</path>
          	</target>
          </mapping>
      

      3. resource schema handling has simple mapping:

      			<attribute>
      				<ref>ri:customStatusUP</ref>
      				<outbound>
      					<source>
      						<path>$user/extension/ext:customStatusUP</path>
      					</source>
      				</outbound>
      			</attribute>
      

        Attachments

          Activity

            People

            Assignee:
            semancik Radovan Semancik
            Reporter:
            vix Ivan Noris
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: