...
The rule will be an attribute of a grouper object (group, stem, etc). It will be specified as JSON. We can have a screen on the UI which helps create the JSON, or we could split this up into multiple attributes if we like. e.g. the following rule could be an attribute on group: b:c:d, who's name would get the variable "thisGroupName"
| Code Block |
|---|
{
"RuleDefinition":{
"actAs":{
"sourceId":"sourcekerberosPrincipals",
"subjectId":"subjectIdmyApp/myServer.school.edu"
},
"check":{
"group":"a:b:c",
"type":"flattenedMembershipRemove"
},
"ifCondition":"",
"then":"${RulesUtils.removeMember('b:c:d'thisGroupName, subjectSourceId, subjectId}"
}
}
|
...