Versions Compared

Old Version 60

changes.mady.by.user Hyzer

Saved on

compared with

New Version 61

changes.mady.by.user Hyzer

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
log4j.logger.org.apache.tools.ant = WARN

 


Supported Commands

Grouper API methods

...

Code Block
rsess = GrouperSession.startRootSession();
addGroup("stem1", "path_ID", "groupName");
group = GroupFinder.findByName(rsess, "stem1:path_ID");
group.setDescription("this is the description for groupName");
group.store();

...


You can use GroupSave as an alternate way:
...
Command
Description
member.changeSubject(newSubject);
Change the subject of the member object.  If the subject is the same, its a no-op.  If the new subject does not have a Member object, then the existing member object simply gets new subject information.  If the new subject does have a member object, then all objects in the grouper registry which uses the old member, will be updated to the new member.  Then the old member object is deleted from the registry
member.changeSubject(newSubject,!Member.DELETE_OLD_MEMBER);
Change the subject, but dont delete the old member.  Do this if the way which deletes the old member doesnt work due to foreign keys.  This will do all the work it can, and the rest can be manual
member.changeSubjectReport(newSubject,Member.DELETE_OLD_MEMBER);
Dont do any of the work, just print a report to the screen of what will be done.  Dry-run.
...

Memberships
Command
Description
addComposite(group name, composite type, left group name, right group name)
Add composite membership.  e.g. CompositeType.UNION
addMember(group name, subject id)
Add member to the members list for the group.
addMember(group name, subject id, field)
Add member to the specified list for the group.
delComposite(group name)
Delete composite membership from group
delMember(group name, subject id)
Delete member from the members list for the group
delMember(group name, subject id, field)
Delete member from the specified list for the group
getMembers(group name)
Get members of group
hasMember(group name, subject id)
Check whether subject is member of the members list
hasMember(group name, subject id, field)
Check whether subject is member of the specified list
...
Command
Description
findBadMemberships()
complete findBadMemberships run
...

XML legacy
Command
Description
xmlFromFile(filename)
Load registry from XML in file
xmlFromString(xml)
Load registry from XML in string
xmlFromURL(url)
Load registry from XML at URL
xmlToFile(filename)
Exports registry to file
xmlToString()
Exports registry to string.
xmlUpdateFromFile(filename)
Update registry from XML in file
xmlUpdateFromString(xml)
Update registry from XML in string
xmlUpdateFromURL(url)
Update registry from XML at URL
...
 Code Block
select distinct 'loaderRunOneJob("' || job_name || '");' as script 
from grouper_loader_log gll where started_time > sysdate-1 and status != 'SUCCESS'
and gll.job_name not like 'subjobFor%'
and not exists (select 1 from grouper_loader_log gll2 where gll2.started_time > sysdate-1
 and gll2.status = 'SUCCESS' and gll2.job_name = gll.job_name)
...

v1.6+ loader
Command
Description
loaderRunOneJobAttr(attirbuteDef)
Run an attribute definition loader job
...
 No Format
gsh 4% GSH_DEVEL = true
gsh 5% subj = findSubject("SD00125")
gsh 6% sess = GrouperSession.start(subj)
gsh 7% member = MemberFinder.findBySubject(sess, subj)
gsh 8% p(member.getGroups())
group: name='etc:sysadmingroup' displayName='Grouper Administration:SysAdmin Group' uuid='6f77fb36-b466-481a-84a7-7af609f1ad09'

Misc
Note: you cannot encrypt passwords with GSH since the passwords end up in the GSH history.  To encrypt passwords, issue the command:
Membership scripts
 Code Block
# (1) Print tab-separated summary of all group members, and flags for direct, indirect, or both
# Depending on the results, you could use the data to create a scrutinized list of Ids to delete, then import it and delete in a loop

me = SubjectFinder.findByIdentifierAndSource("my-username", "pid", true);
session = GrouperSession.start(me);
// OR: session = GrouperSession.startRootSession(True)

group = GroupFinder.findByName(session, "tmp:my:group", true);

effectiveMembers = group.getEffectiveMembers();
immediateMembers = group.getImmediateMembers();

System.out.println(String.join("\t", "id", "name", "Effective", "Immediate"));

for (Member m: group.getMembers()) {
    System.out.print(m.getSubject().getId() + "\t" + m.getSubject().getName() + "\t");
    System.out.print(effectiveMembers.contains(m).toString() + "\t");
    System.out.println(immediateMembers.contains(m).toString() + "\t");
}



# (2) Get the immediate and effective members for a specific source ("pid" in this example), intersect them to find the redundant ones
# This has a dryRun flag, so you can test first

sources = new HashSet<Source>()
sources.add(SourceManager.getInstance().getSource("pid"))

effectiveUsers = group.getEffectiveMembers(Group.getDefaultList(), sources, null)
immediateUsers = group.getImmediateMembers(Group.getDefaultList(), sources, null)

# use retainAll() to find the intersection; i.e., users both as effective and immediate member
immediateUsers.retainAll(effectiveUsers)

System.out.println("There are " + immediateUsers.size() + " users having both direct + indirect memberships");

dryRun = true

for (Member m: immediateUsers) {
    if (dryRun) {
        System.out.println("Ok to delete " + m.getSubject().getId());
    } else {
        System.out.println("Deleting " + m.getSubject().getId());
        group.deleteMember(m, false);
    }
}




Misc
Note: you cannot encrypt passwords with GSH since the passwords end up in the GSH history.  To encrypt passwords, issue the command:
 No Format
C:\mchyzer\isc\dev\grouper-qs-1.2.0\grouper>java -jar lib\morphString.jar
Enter the location of morphString.properties: conf
 No Format
C:\mchyzer\isc\dev\grouper-qs-1.2.0\grouper>java -jar lib\morphString.jar
Enter the location of morphString.properties: conf/morphString.properties
Type the string to encrypt (note: pasting might echo it back):
The encrypted string is: ca8a15be4ad0fb45c6f1b3ca0cfd9c9e

...
 Code Block
grouperSession = GrouperSession.startRootSession();
group = GroupFinder.findByName(grouperSession, "test:testGroup3", true);
for (membership : group.getImmediateMemberships()) {membership.delete();}
group.delete();
...

See the WIKI for running the Grouper Report manually
...
 Code Block
attributeDefName = AttributeDefNameFinder.findByName("school:attr:students:artsAndSciences", true);
group.getAttributeDelegate().retrieveAssignments(attributeDefName);
...

Rules
In Grouper 2.3 the UI can delete inherited privileges rules.
...
 Code Block
GrouperSession grouperSession = GrouperSession.startRootSession();
AttributeAssign attributeAssign = AttributeAssignFinder.findById("b629bd8170964663be507968752f4f17", true);
attributeAssign.delete();
 

Grouper Builtin Messaging
...
 Code Block
//note, or whatever user should be sending the messages
grouperSession = GrouperSession.startRootSession();
 
//send message to queue
GrouperMessagingEngine.send(new GrouperMessageSendParam().assignGrouperMessageSystemName(GrouperBuiltinMessagingSystem.BUILTIN_NAME).assignQueueType(GrouperMessageQueueType.queue).assignQueueOrTopicName("queueName").addMessageBody("Some message body"));


//send message to topic
GrouperMessagingEngine.send(new GrouperMessageSendParam().assignGrouperMessageSystemName(GrouperBuiltinMessagingSystem.BUILTIN_NAME).assignQueueType(GrouperMessageQueueType.topic).assignQueueOrTopicName("queueName").addMessageBody("Some message body"));


//receive messages
GrouperMessageReceiveResult grouperMessageReceiveResult = GrouperMessagingEngine.receive(new GrouperMessageReceiveParam().assignGrouperMessageSystemName(GrouperBuiltinMessagingSystem.BUILTIN_NAME).assignQueueName(queueName));


Collection<GrouperMessage> grouperMessages = grouperMessageReceiveResult.getGrouperMessages();


//acknowledge message as processed
GrouperMessagingEngine.acknowledge(new GrouperMessageAcknowledgeParam().assignAcknowledgeType(GrouperMessageAcknowledgeType.mark_as_processed).assignQueueName("abc").addGrouperMessage(grouperMessage).assignGrouperMessageSystemName(GrouperBuiltinMessagingSystem.BUILTIN_NAME));
 
//acknowledge message as return to queue (receive next time ask for messages)
GrouperMessagingEngine.acknowledge(new GrouperMessageAcknowledgeParam().assignAcknowledgeType(GrouperMessageAcknowledgeType.return_to_queue).assignQueueName("abc").addGrouperMessage(grouperMessage).assignGrouperMessageSystemName(GrouperBuiltinMessagingSystem.BUILTIN_NAME));

//acknowledge message as return to queue (receive after other messages on the queue)
GrouperMessagingEngine.acknowledge(new GrouperMessageAcknowledgeParam().assignAcknowledgeType(GrouperMessageAcknowledgeType.return_to_end_of_queue).assignQueueName("abc").addGrouperMessage(grouperMessage).assignGrouperMessageSystemName(GrouperBuiltinMessagingSystem.BUILTIN_NAME));
 
//acknowledge message send to another queue or topic (e.g. dead letter queue, dlq)
GrouperMessagingEngine.acknowledge(new GrouperMessageAcknowledgeParam().assignAcknowledgeType(GrouperMessageAcknowledgeType.send_to_another_queue).assignQueueName("abc").addGrouperMessage(grouperMessage).assignGrouperMessageSystemName(GrouperBuiltinMessagingSystem.BUILTIN_NAME).assignAnotherQueueParam(new GrouperMessageQueueParam().assignQueueOrTopicName("dlq").assignQueueType(GrouperMessageQueueType.queue));



 
...




sdf