Use cases for rules, with implementation examples.  Note that for Grouper release 2.0 the features of the rules engine are driven from the use cases below.  If you want to do something else with rules contact the Grouper dev team.

Email notifications permissions disabled dates

If an entity is going to be disabled from permissions, send an email to the employee and an admin

Composite-ng intersection permissions

If an entity is no longer a member of the employee group, remove them from the group for application X

Composite-ng intersection

If an entity is no longer a member of the employee group, remove them from the group for application X

Disabled-date activation

If a student is no longer a member of the course X group, then change the membership in the course wiki group to have an end date in one week (note, this assumes that if the student is out of the course group, they fall out of the wiki group, another variation is to set an end date on an existing membership)

Disabled-date permissions activation

If a student is no longer a member of the course X group, then end date the permissions in the course wiki group with end date in one week

Composite-org

If an entity falls out of any group in the IT organization groups (meaning not a central IT employee anymore), then remove them from group X

Composite-org permissions

If an entity falls out of any group in the IT organization groups (meaning not a central IT employee anymore), then remove permissions from an attributeDef

Inherited permissions

If a group, stem, or attribute definition is created under folder a:b, then apply privileges to the group of READ,UPDATE to group a:security:admins (note, for stems or attribute definitions the privileges will be different accordingly)

Veto if not eligible

If a user is not an employee, do not allow to be added to application group

Veto permission if not eligible

If a user is not an employee, do not allow to have permissions assigned