...
Invites with group provisioning
This is Steven Carmody's idea. We could add a table:
Then there can be a A picker to allow the person inviting the external subjects to mark them to be added to group(s) once they register. Note the security (inviter needs UPDATE on groups) will be checked at the invite time, and provisioning time, there is no actAs once the users register. This information should be put in the email to the inviter (if applicable). At some point we could do something similar for permissions as well.
...
| Code Block |
|---|
#users must be in this group to invite external users to grouper require.group.for.inviteExternalSubjects.logins=etc:externalSubjectInviters |
sdf
Email to invitee
When someone invites an external user, an email is sent to each use invited in the "email addresses of people to invite" field.
The default template is in grouper.properties if an email message or subject is not specified in the invite:
| Code Block |
|---|
# you can use the variables $newline$, $inviteLink$. Note, you need to change this default message...
externalSubjectsInviteDefaultEmail = Hello,$newline$$newline$This is an invitation to register at our site to be able to access our applications. This invitation expires in 7 days. Click on the link below and sign in with your InCommon credentials. If you do not have InCommon credentials you can register at a site like protectnetwork.org and use those credentials.$newline$$newline$$inviteLink$$newline$$newline$Regards.
# default subject for email
externalSubjectsInviteDefaultEmailSubject = Register to access applications
|
If someone typed in a subject, that will be used, if someone types in an email in the invite screen, then that will be used, but the link to register is appended to it (needs to be generated since there is a UUID in it)
sdf
Email addresses to notify when registered
If there are email addresses filled in to the invite screen, then people can be notified when people register (one email sent as each person registers). The email format is specified in the grouper.properties:
| Code Block |
|---|
# you can use the variables $newline$, $inviteeIdentifier$, $inviteeEmailAddress$. Note, you need to change this default message...
externalSubjectsNotifyInviterEmail = Hello,$newline$$newline$This is a notification that user $inviteeIdentifier$ from email address $inviteeEmailAddress$ has registered with the identity management service. They can now use applications at this institution.$newline$$newline$Regards.
externalSubjectsNotifyInviterSubject = $inviteeIdentifier$ has registered
|
The email to the those people looks like this (depending on the template):
| Code Block |
|---|
From: "groupersystem@gmail.com" <groupersystem@gmail.com> <-- note, this is configurable in grouper.properties
To: someone@someschool.edu
Sent: Sun, November 28, 2010 10:01:31 AM
Subject: TEST:user1@school.edu has registered <-- in non prod env's a prefix can be specified in grouper.properties
Hello,
This is a notification that user user1@school.edu from email address person@yahoo.com has registered with the identity management service. They can now use applications at this institution.
Regards.
|
sda
Vetted email addresses
Once a user registers based on email, then it is vetted that the email address that the user was invited by is a vetted email address. There is a column in the external subject table to hold a list of comma separated email addresses that are vetted. Currently this is not used for anything (i.e. it is not a subject attribute), however, if an admin wants to contact someone, these are email addresses that the user has responded to...
To do
- Add multiple search strings and sort fields based on new member columns