Date: Thu, 28 Mar 2024 15:27:30 +0000 (UTC) Message-ID: <1734265752.6575.1711639650922@ip-10-10-7-29.ec2.internal> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_6574_1350645532.1711639650920" ------=_Part_6574_1350645532.1711639650920 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
This is not a "loader", this is a script that loads things from = a SQL. This is currently a full sync
|
Note: we can make some common things library methods to make this easier= in future
Note, change around the subject source, folders, attributes, etc. = Note also this can be destructive, so pay attention and do not delete prod = data!
Table for permissions that simulates a view to pull from (mysql example)=
CREATE = TABLE permission_load (group_name VARCHAR(100), subject_id VARCHAR(100), permission_name VARCHAR(100)); ALTER TABLE permission_load ADD PRIMARY KEY(group_name, subject_id, permission_name);
GSH script creates a bunch of roles and permissions and randomly assigns= some data in grouper and database
import = java.util.ArrayList; import java.util.HashMap; import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Set; import edu.internet2.middleware.grouper.attr.AttributeDef; import edu.internet2.middleware.grouper.attr.AttributeDefName; import edu.internet2.middleware.grouper.attr.AttributeDefNameSave; import edu.internet2.middleware.grouper.attr.AttributeDefSave; import edu.internet2.middleware.grouper.attr.AttributeDefType; import edu.internet2.middleware.grouper.attr.AttributeDefValueType; import edu.internet2.middleware.grouper.group.TypeOfGroup; import edu.internet2.middleware.grouper.permissions.PermissionAllowed; import edu.internet2.middleware.grouperClient.collections.MultiKey; import edu.internet2.middleware.grouperClient.jdbc.GcDbAccess; import edu.internet2.middleware.subject.Subject; boolean deleteOldData =3D true; String subjectSource =3D "jdbc"; GrouperSession grouperSession =3D GrouperSession.startRootSession(); int roleCount =3D 100; Map groupMap =3D new HashMap(); for (int i =3D 0; i < roleCount; i++) { groupMap.put("role" + i, new GroupSave(grouperSession).assignName("test2= :role1").assignTypeOfGroup(TypeOfGroup.role).assignCreateParentStemsIfNotEx= ist(true).save()); } for (int i =3D 0; i < roleCount; i++) { groupMap.put("role" + i, new GroupSave(grouperSession).assignName("test2:= role" + i).assignTypeOfGroup(TypeOfGroup.role).assignCreateParentStemsIfNot= Exist(true).save()); } Stem test3 =3D StemFinder.findByName(grouperSession, "test3", false); if (deleteOldData && test3 !=3D null) { Stem.obliterate("test3", false, false, true); } if (deleteOldData) { new GcDbAccess().sql("delete from permission_load").executeSql(); } AttributeDef permissionDef =3D new AttributeDefSave(grouperSession).assignN= ame("test3:permissionDef").assignCreateParentStemsIfNotExist(true).assignTo= Group(true).assignToEffMembership(true).assignAttributeDefType(AttributeDef= Type.perm).assignMultiAssignable(false).assignValueType(AttributeDefValueTy= pe.marker).save(); permissionDef.getAttributeDefActionDelegate().configureActionList("assign")= ; int permissionCount =3D 100; Map permissionMap =3D new HashMap(); for (int i =3D 0; i < permissionCount; i++) { permissionMap.put("permission" + i, new AttributeDefNameSave(grouperSessi= on, permissionDef).assignName("test3:permission" + i).assignCreateParentSte= msIfNotExist(true).save()); } Map subjectMap =3D new HashMap(); int subjectCount =3D 10; for (int i =3D 0; i < subjectCount; i++) { subjectMap.put("test.subject." + i, SubjectFinder.findByIdAndSource("test= .subject." + i, subjectSource, true)); } int assignmentCount =3D 100; List assignments =3D new ArrayList(); for (int i =3D 0; i < assignmentCount; i++) { Object[] assignment =3D new Object[3]; assignments.add(assignment); } for (int i =3D 0; i < assignmentCount; i++) { ((Object[]) assignments.get(i))[0] =3D subjectMap.get("test.subject." + (= int) Math.floor(Math.random() * subjectCount)); } for (int i =3D 0; i < assignmentCount; i++) { ((Object[]) assignments.get(i))[1] =3D groupMap.get("role" + (int) Math.f= loor(Math.random() * roleCount)); } for (int i =3D 0; i < assignmentCount; i++) { ((Object[]) assignments.get(i))[2] =3D permissionMap.get("permission" + (= int) Math.floor(Math.random() * permissionCount)); } for (int i =3D 0; i < assignmentCount; i++) { assignments.set(i, new MultiKey((Object[]) (assignments.get(i)))); } Set assignmentsSet =3D new HashSet(assignments); assignments.clear(); assignments.addAll(assignmentsSet); for (int i =3D 0; i < assignmentCount; i++) { Subject subject =3D (Subject) ((MultiKey) assignments.get(i)).getKey(0); Group group =3D (Group) ((MultiKey) assignments.get(i)).getKey(1); group.addMember(subject, false); } for (int i =3D 0; i < assignmentCount; i++) { if (Math.random() > 0.5) { Subject subject =3D (Subject) ((MultiKey) assignments.get(i)).getKey(0)= ; Group group =3D (Group) ((MultiKey) assignments.get(i)).getKey(1); AttributeDefName permission =3D (AttributeDefName) ((MultiKey) assignme= nts.get(i)).getKey(2); new GcDbAccess().sql("insert into permission_load (group_name, subject_= id, permission_name) values (?, ?, ?)").addBindVar(group.getName()).addBind= Var(subject.getId()).addBindVar(permission.getName()).executeSql(); } } for (int i =3D 0; i < assignmentCount; i++) { if (Math.random() > 0.5) { Subject subject =3D (Subject) ((MultiKey) assignments.get(i)).getKey(0)= ; Group group =3D (Group) ((MultiKey) assignments.get(i)).getKey(1); AttributeDefName permission =3D (AttributeDefName) ((MultiKey) assignme= nts.get(i)).getKey(2); group.getPermissionRoleDelegate().assignSubjectRolePermission(permissio= n, subject,PermissionAllowed.ALLOWED); } }
GSH script can be scheduled via script daemon
import = java.util.ArrayList; import java.util.HashMap; import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Set; import edu.internet2.middleware.grouper.app.loader.OtherJobScript; import edu.internet2.middleware.grouper.attr.AttributeDefName; import edu.internet2.middleware.grouper.attr.finder.AttributeDefNameFinder; import edu.internet2.middleware.grouper.permissions.PermissionAllowed; import edu.internet2.middleware.grouperClient.collections.MultiKey; import edu.internet2.middleware.grouperClient.jdbc.GcDbAccess; import edu.internet2.middleware.subject.Subject; =20 // run as root GrouperSession grouperSession =3D GrouperSession.startRootSession(); String sourceId =3D "jdbc"; // get results from target List resultsFromTarget =3D new GcDbAccess().sql("select distinct group_name= , subject_id, permission_name from permission_load").selectList(Object[].cl= ass); for (int i=3D0;i<resultsFromTarget.size();i++) { resultsFromTarget.set(i= , new MultiKey((Object[])resultsFromTarget.get(i))); } if (OtherJobScript.retrieveFromThreadLocal() !=3D null) { OtherJobScript.retrieveFromThreadLocal().getOtherJobInput().getHib3Groupe= rLoaderLog().addTotalCount(resultsFromTarget.size()); } // get results from grouper List resultsFromGrouper =3D new GcDbAccess().sql("select gaaev.group_name, = gaaev.subject_id, gaaev.attribute_def_name_name from grouper_attr_asn_efmsh= ip_v gaaev where gaaev.subject_source_id =3D 'jdbc' and gaaev.attribute_def= _name_name like 'test3:%' and gaaev.group_name like 'test2:%' and gaaev.nam= e_of_attribute_def =3D 'test3:permissionDef'").selectList(Object[].class); for (int i=3D0;i<resultsFromGrouper.size();i++) { resultsFromGrouper.set= (i, new MultiKey((Object[])resultsFromGrouper.get(i))); } // list of inserts List inserts =3D new ArrayList(resultsFromTarget); inserts.removeAll(resultsFromGrouper); // list of deletes List deletes =3D new ArrayList(resultsFromGrouper); deletes.removeAll(resultsFromTarget); // all objects to deal with List allOperations =3D new ArrayList(inserts); allOperations.addAll(deletes); // consolidate groups Set groupNameSet =3D new HashSet(); for (int i=3D0;i<allOperations.size();i++) { MultiKey operation =3D (MultiKey)allOperations.get(i); String groupName =3D (String)operation.getKey(0); groupNameSet.add(groupName); } // consolidate subjects Set subjectIdSet =3D new HashSet(); for (int i=3D0;i<allOperations.size();i++) { MultiKey operation =3D (MultiKey)allOperations.get(i); String subjectId =3D (String)operation.getKey(1); subjectIdSet.add(subjectId); } // consolidate permissions Set permissionNameSet =3D new HashSet(); for (int i=3D0;i<allOperations.size();i++) { MultiKey operation =3D (MultiKey)allOperations.get(i); String permissionName =3D (String)operation.getKey(2); permissionNameSet.add(permissionName); } // lookup groups Map groupMap =3D new HashMap(); List groupNameList =3D new ArrayList(groupNameSet); for (int i=3D0;i<groupNameList.size();i++) { String groupName =3D (String)groupNameList.get(i); Group group =3D GroupFinder.findByName(grouperSession, groupName, false); if (group !=3D null) { groupMap.put(groupName, group); } else { if (OtherJobScript.retrieveFromThreadLocal() !=3D null) { OtherJobScript.retrieveFromThreadLocal().getOtherJobInput().getHib3Gr= ouperLoaderLog().appendJobMessage(" Group not found: " + groupName + "! "); } } } // lookup subjects Map subjectMap =3D new HashMap(); List subjectIdList =3D new ArrayList(subjectIdSet); for (int i=3D0;i<subjectIdList.size();i++) { String subjectId =3D (String)subjectIdList.get(i); Subject subject =3D SubjectFinder.findByIdAndSource(subjectId, "jdbc", fa= lse); if (subject !=3D null) { subjectMap.put(subjectId, subject); } else { if (OtherJobScript.retrieveFromThreadLocal() !=3D null) { OtherJobScript.retrieveFromThreadLocal().getOtherJobInput().getHib3Gr= ouperLoaderLog().appendJobMessage(" Subject not found: " + subjectId + "! "= ); OtherJobScript.retrieveFromThreadLocal().getOtherJobInput().getHib3Gr= ouperLoaderLog().addUnresolvableSubjectCount(1); } } } // lookup permissions Map permissionMap =3D new HashMap(); List permissiionNameList =3D new ArrayList(permissionNameSet); for (int i=3D0;i<permissiionNameList.size();i++) { String permissionName =3D (String)permissiionNameList.get(i); AttributeDefName permission =3D AttributeDefNameFinder.findByName(permiss= ionName, false); if (permission !=3D null) { permissionMap.put(permissionName, permission); } else { if (OtherJobScript.retrieveFromThreadLocal() !=3D null) { OtherJobScript.retrieveFromThreadLocal().getOtherJobInput().getHib3Gr= ouperLoaderLog().appendJobMessage(" Permission not found: " + permissionNam= e + "! "); } } } =20 // convert insert objects List insertsMultiKey =3D new ArrayList(); for (int i=3D0;i<inserts.size();i++) { MultiKey insert =3D (MultiKey)inserts.get(i); Group group =3D (Group)groupMap.get((String)insert.getKey(0)); if (group =3D=3D null) { continue; } Subject subject =3D (Subject)subjectMap.get((String)insert.getKey(1)); if (subject =3D=3D null) { continue; } if (!group.hasMember(subject)) { if (OtherJobScript.retrieveFromThreadLocal() !=3D null) { OtherJobScript.retrieveFromThreadLocal().getOtherJobInput().getHib3Gr= ouperLoaderLog().appendJobMessage(" " + group.getName() + " does not have m= ember " + subject.getId() + "!!! "); } continue; } AttributeDefName permission =3D (AttributeDefName)permissionMap.get((Stri= ng)insert.getKey(2)); if (permission =3D=3D null) { continue; } insertsMultiKey.add(new MultiKey(group, subject, permission)); } // convert delete objects List deletesMultiKey =3D new ArrayList(); for (int i=3D0;i<deletes.size();i++) { MultiKey delete =3D (MultiKey)deletes.get(i); Group group =3D (Group)groupMap.get((String)delete.getKey(0)); if (group =3D=3D null) { continue; } Subject subject =3D (Subject)subjectMap.get((String)delete.getKey(1)); if (subject =3D=3D null) { continue; } AttributeDefName permission =3D (AttributeDefName)permissionMap.get((Stri= ng)delete.getKey(2)); if (permission =3D=3D null) { continue; } deletesMultiKey.add(new MultiKey(group, subject, permission)); } // do the inserts for (int i=3D0;i<insertsMultiKey.size();i++) { Group group =3D (Group)((MultiKey)insertsMultiKey.get(i)).getKey(0); Subject subject =3D (Subject)((MultiKey)insertsMultiKey.get(i)).getKey(1)= ; AttributeDefName permission =3D (AttributeDefName)((MultiKey)insertsMulti= Key.get(i)).getKey(2); group.getPermissionRoleDelegate().assignSubjectRolePermission(permission,= subject, PermissionAllowed.ALLOWED); if (OtherJobScript.retrieveFromThreadLocal() !=3D null) { OtherJobScript.retrieveFromThreadLocal().getOtherJobInput().getHib3Grou= perLoaderLog().addInsertCount(1); } } // do the deletes for (int i=3D0;i<deletesMultiKey.size();i++) { Group group =3D (Group)((MultiKey)deletesMultiKey.get(i)).getKey(0); Subject subject =3D (Subject)((MultiKey)deletesMultiKey.get(i)).getKey(1)= ; AttributeDefName permission =3D (AttributeDefName)((MultiKey)deletesMulti= Key.get(i)).getKey(2); group.getPermissionRoleDelegate().removeSubjectRolePermission(permission,= subject); if (OtherJobScript.retrieveFromThreadLocal() !=3D null) { OtherJobScript.retrieveFromThreadLocal().getOtherJobInput().getHib3Grou= perLoaderLog().addDeleteCount(1); } } =20