...
- grouper: check a membership or privilege
- ldap: execute an ldap filter
- sql: run a sql query against grouper or another database
- expressionLanguage: some expression (could call java)
- azure: check an azure membership or user object
The queries assign variables which must be prefixed with "cu_" for "Custom UI"
...
Field | Type | Required for type | Optional for type | Description |
---|---|---|---|---|
attributeDefId | String | expressionLanguage, grouper, sql | uuid of attribute def to look up | |
azureGroupId | String | azure | if hardcoding the uuid of group in azure | |
bindVar0 | String | sql | bind var for sql | |
bindVar0type | String | sql | bind var type in sql: string or integer | |
bindVar1 | String | sql | bind var for sql | |
bindVar1type | String | sql | bind var type in sql: string or integer | |
bindVar2 | String | sql | bind var for sql | |
bindVar2type | String | sql | bind var type in sql: string or integer | |
configId | String | azure, ldap | sql | id in grouper config for azure, ldap, or sql |
enabled | Boolean | azure, expressionLanguage, grouper, ldap, sql | true or false if this var is enabled | |
errorLabel | String | azure | expressionLanguage, grouper, ldap, sql | label on screen for the error variable |
fieldNames | String | grouper | comma separated privs in grouper, e.g. members, readers, admins, viewers, updaters, optins, optouts, groupAttrReaders, groupAttrUpdaters, creators, stemAdmins, stemAttrReaders, stemAttrUpdaters, attrReaders, attrUpdaters, attrDefAttrReaders, attrDefAttrUpdaters, attrOptins, attrOptouts, attrAdmins | |
forLoggedInUser | Boolean | azure, expressionLanguage, grouper, ldap, sql | true if should run this rule for the logged in user (if manager using screen), or by default its the user being acted on (which might be the user logged in) | |
groupId | String | azure, expressionLanguage, grouper, ldap, sql | group uuid to look up a group | |
groupName | String | azure, expressionLanguage, grouper, ldap, sql | group name to look up a group | |
label | String | azure, expressionLanguage, grouper, ldap, sql | label to see on screen when variables are displayed | |
ldapAttributeToRetrieve | String | ldap | which attribute in ldap to retrieve | |
ldapFilter | String | ldap | ldap filter to run | |
ldapSearchDn | String | ldap | if not using the default dn in connection, search in this dn | |
nameOfAttributeDef | String | expressionLanguage, grouper, sql | name of attribute definition to lookup | |
order | Integer | azure, expressionLanguage, grouper, ldap, sql | integer and rules will be ordered by this integer, when displayed on screen | |
query | String | sql | sql query to execute | |
script | String | expressionLanguage | azure(2.5.30+) | EL expression to run |
stemId | String | expressionLanguage, grouper, sql | uuid of stem to lookup | |
stemName | String | expressionLanguage, grouper, sql | name of stem to lookup | |
userQueryType | String | azure, expressionLanguage, grouper, ldap, sql | identify the type of query, enter either: azure, expressionLanguage, grouper, ldap, sql | |
variableToAssign | String | azure, expressionLanguage, grouper, ldap, sql | name of variable must start with cu_ if the value is "default" then each attribute value will be the default for any bean without that set where its a valid value you cant have two variables with the same name | |
variableToAssignOnError | String | azure | expressionLanguage, grouper, ldap, sql | name of variable to assign on error, must start with cu_ you cant have two variables with the same name |
variableType | String | expressionLanguage, grouper, ldap, sql, azure | type of variable: boolean, integer, string |
...