Versions Compared

Old Version 20

changes.mady.by.user Emily Eisbruch (internet2.edu)

Saved on

compared with

New Version Current

changes.mady.by.user Hyzer

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Include Page
spaceKeyGrouper
pageTitleNavigation

Panel

Overview: The Grouper 2.2 upgrade migrates the legacy attributes and group types to the new attribute framework in a transparent way.  The old API and WS and UI should still work correctly.

...

 - Prevent use of legacy attributes.
 - Create old style attributes in the new attribute framework within a configurable folder (e.g. etc:legacy:attribute).  By default, everybody can read and assign the attribute.
 - Preserve the API methods that allow setting and getting an attribute from a group.
 - Web services and UI should will continue to work when dealing with getting and setting attributes.
 - Hooks should will continue to fire when setting and deleting attributes.
 - Existing views on the legacy attributes will not be preserved.

...

 - Get rid of the grouper_group_types table.
 - Everything is essentially deprecated.
 - Should the The uuid of a GroupTypeTuple will be the uuid of the attribute assignment of legacyGroupType_<name>?.

Field

 - In general, I'm assuming that we'We're not going to try to treat legacy attributes as fields anymore or try to support current the 2.1 API that does.
 - Getting rid of the columns grouptype_uuid and is_nullable.

...

 - Group.initGroupAttributes(groups)
   - Seems like this was set up to address a performance issue with getting legacy attributes.
   - Maybe deprecate Deprecate and allow it to continue to work.  That is, efficiently query for legacy attributes in etc:legacy:attribute.
 - Group.deleteAttribute(attributeName)
   - deprecate
 - Group.deleteAttribute(attributeName, failOnRequiredAttribute)
   - deprecate
   - Ignore failOnRequiredAttribute?Throw exception if failOnRequiredAttribute is set.
   - rewrite to delete from new attribute framework.
 - Group.getAttributeValue(attributeName, checkSecurity, exceptionIfNotFound)
   - deprecate
   - exceptionIfNotFound is currently based on a field check.  Since legacy attributes won't be fields, this needs to change to instead check all the attributeDefNames starting with legacyAttribute_ under etc:legacy:attribute that are applicable for this group.
   - checkSecurity needs to check security based on new attribute framework.
 - Group.getAttribute(attributeName)
   - already deprecated.  why doesn't this just call getAttributeValue???
 - Group.getAttributes()
   - already deprecated.  why doesn't this just call getAttributesMap???
 - Group.setAttribute(attributeName, value)
   - deprecate
 - Group.setAttribute(attributeName, value, checkPrivileges)
   - deprecate
 - Group.setAttribute(attributeName, value, checkPrivileges, uuid)
   - deprecate
   - Change to use new framework.  Should the The uuid should be used as the uuid of the attribute assignment?.
 - Group.getAttributesMap(checkSecurity)
   - deprecate
   - Change to use new framework.
 - Group.getAttributesDb()
   - already deprecated.  why doesn't this just call getAttributesMap???
 - Group.internal_setAttributes(attributes)
   - deprecate
 - Group.setAttributes(attributes)
   - deprecate
 - Group.internal_copy()
   - Perhaps assume that this This continues to only work with legacy attributes for now.
   - Privilege checks on attributes need to use new framework.
 - Group.addType(type)
   - deprecate
 - Group.addType(type, exceptionIfAlreadyHasType)
   - deprecate
   - Assign legacyGroupType_<typeName> to group.
 - Group.canReadField(subj, field) and various other similar methods
   - Okay to make this This will no longer work for legacy attributes?.
 - Group.deleteType(type)
   - deprecate
   - Change to use new framework (including privilege checks).
 - Group.getRemovableTypes()
   - deprecate
   - assume all All types are removable.
 - Group.getTypes()
   - deprecate
   - Assume no No types are "internal"
 - Group.getTypesDb()
   - deprecate
   - Return all assignments within etc:legacy:attribute.
 - Group.hasType(type)
   - deprecate
 - Group.setTypes(types)
   - deprecate

...

- Basically deprecate everything.
- Get rid of grouper_attributes table.
- Perhaps the The attribute id should be the uuid of the attribute assignment.
- field id is no longer applicable therefore always null.

Privileges

One of the challenges with the migration is going to be to Grouper 2.2 is around dealing with privileges.  The legacy and new attribute frameworks have different ways of dealing with read and write privileges on attributes. 

...

Privileges for attributes have changed for 2.2.  More information.  The 2.2 upgrade steps do not try to migrate privileges for either the legacy attribute or new attribute frameworks.