This is a concept for an upcoming v2.5 release
Configuring
A grouper admin would configure this as attributes on a folder (similar to how custom UI's are configured)
General configuration
- If this for only this folder or all subfolders too
- Which group of people can run the template (default to grouper admin)
- Who it runs as (default to GrouperSystem)
- Template name
Form elements that are displayed on the screen
- Form element type
- Regex validation on data (to prevent injection problems)
- Drop down options could be driven by SQL (e.g. a list of terms or a list of schools or list of affiliations)
Text on screen similar to custom UI
Validations
- Some expression language and link that to an externalized error message
GSH script to run
- The form element data is expression language
- Each line of GSH could be configured or multiple lines at once
Zoom add school example
General configuration
- Configured on the zoom app folder
- Include subfolders
{ "paramName": "includeSubfolders", "paramValue": "true"}
Zoom admins can run it (from app template)
{ "paramName": "groupCanRun", "paramValue": "app:zoom:zoomAdmins"}
Run as self (who is zoom admin)
{ "paramName": "runAs", "paramValue": "self"}
Template name
{ "paramName": "templateName", "paramValue": "${textContainer.text['zoom_template_name']}"}
Form elements
Text box: for lower camel case school or center name, e.g. artsAndScience
{ "formElementType": "textbox", "formElementName": "cu_orgName", "regexValidation": "[a-z][a-zA-Z0-9]{1,49}" , "regexValidationMessage": "${textContainer.text['zoom_template_orgNameInvalid']}" , "index": 10, "show": "true", "required": true, "label": "${textContainer.text['zoom_template_orgName']}", "description": "${textContainer.text['zoom_template_orgNameDescription']}" }
- Checkbox for "add includes"? (if unchecked only excludes are created)
{ "formElementType": "checkbox", "formElementName": "cu_addIncludes", "index": 20, "show": "true", "label": "${textContainer.text['zoom_template_addIncludes']}", "description": "${textContainer.text['zoom_template_addIncludesDescription']}"}
- Textbox for group name in zoom
{ "formElementType": "textbox", "formElementName": "cu_zoomGroupName", "index": 30, "regexValidation": "[a-zA-Z0-9_]{1,50}" , "regexValidationMessage": "${textContainer.text['zoom_template_zoomGroupNameInvalid']}" , "index": 30, "required": true, "show": "${cu_addIncludes}", "label": "${textContainer.text['zoom_template_zoomGroupName']}", "description": "${textContainer.text['zoom_template_zoomGroupNameDescription']}"}
Text
{ "customUiTextType":"instructions", "text":"${textContainer.text['zoom_template_instructions']}"}
grouper.text.en.us.properties
zoom_template_name = Add zoom school / center zoom_template_instructions = Add an organization to zoom. If it is exclude only then do not select 'Add includes'. zoom_template_orgName = School or center name zoom_template_orgNameDescription = Enter a camel-cased school or center name, starting with lower case letter, can only contain alpha-numeric characters and must be less than 50 chars zoom_template_orgNameInvalid = Invalid 'School or center name': must be start with lower case letter, can only contain alpha-numeric characters and must be less than 50 chars zoom_template_addIncludes = Add 'includes' zoom_template_addIncludesDescription = If this school or center should have a group in Zoom and in "includes" group to sponsor accounts zoom_template_zoomGroupName = Zoom group name zoom_template_zoomGroupNameDescription = Group name in zoom for this population. Must be alphanumeric or underscore and less than 50 chars zoom_template_zoomGroupNameInvalid = Invalid 'Zoom group name' must be alphanumeric or underscore and less than 50 chars
GSH script to run
GrouperSession grouperSession = GrouperSession.startRootSession(); String prefix = Character.toUpperCase("${cu_orgName}".charAt(0)) + "${cu_orgName}".substring(1,"${cu_orgName}".length()); String prefixLower = "${cu_orgName}"; Group excludeAdHocGroup = new GroupSave(grouperSession).assignName("penn:isc:ait:apps:zoom:service:ref:excludeAdHoc:" + prefixLower + "AdhocExcludeFromZoom").save(); Group excludeLoadedGroup = new GroupSave(grouperSession).assignName("penn:isc:ait:apps:zoom:service:ref:loadedGroupsForExclude:" + prefixLower + "ExcludeLoaded").save(); Group excludeGroup = new GroupSave(grouperSession).assignName("penn:isc:ait:apps:zoom:service:ref:excludeFromZoom:" + prefixLower + "ExcludeFromZoom").save(); Group excludedFromZoom = GroupFinder.findByName(grouperSession, "penn:isc:ait:apps:zoom:service:ref:usersExcludedFromZoom", true); excludedFromZoom.addMember(excludeGroup.toSubject(), false); Group schoolLspGroup = new GroupSave(grouperSession).assignName("penn:isc:ait:apps:zoom:security:schoolCenterAdminsAndLsps:zoom" + prefix + "Lsps").save(); Group lsps = GroupFinder.findByName(grouperSession, "penn:isc:ait:apps:zoom:security:zoomSchoolCenterLspsPreCheck", true); lsps.addMember(schoolLspGroup.toSubject(), false); Group schoolAdminGroup = new GroupSave(grouperSession).assignName("penn:isc:ait:apps:zoom:security:schoolCenterAdminsAndLsps:zoom" + prefix + "Admins").save(); Group admins = GroupFinder.findByName(grouperSession, "penn:isc:ait:apps:zoom:security:zoomSchoolCenterAdminsPreCheck", true); admins.addMember(schoolAdminGroup.toSubject(), false); if (${cu_addIncludes}) { Group loadedGroup= new GroupSave(grouperSession).assignName("penn:isc:ait:apps:zoom:service:ref:loadedGroups:${cu_zoomGroupName}").save(); Group overrideGroup = new GroupSave(grouperSession).assignName("penn:isc:ait:apps:zoom:service:ref:groupsOverride:${cu_zoomGroupName}").save(); Group groupToGoToZoom = new GroupSave(grouperSession).assignName("penn:isc:ait:apps:zoom:service:policy:groupsToGoToZoom:${cu_zoomGroupName}").save(); Group zoomCanLogIn = GroupFinder.findByName(grouperSession, "penn:isc:ait:apps:zoom:service:policy:zoomCanLogIn", true); zoomCanLogIn.addMember(groupToGoToZoom.toSubject(), false); }
Form
Imagine an HTML form that has some inputs and a submit button
Maybe the next screen lets you review the script after variables are executed (note you cant edit it, but you could see it)