View Source

Grouper attributes in the new attribute framework can be scoped so they can only be assigned to certain owners (besides the type of assignment, permissions, etc). To be able to assign a scope the caller needs admin on the attributeDef, and perhaps rights on the object being tied to

There are the following scope types:

attributeDefNameIdAssigned: This is similar to the previous grouper attribute "typing" where you can only assign this attribute type to objects which already have another attribute assigned. So if the original attribute is a "type", then that will be have to assigned first. Use this like this:

//attributeDefAttr is the attribute which is dependent on the type being assigned
//attributeDefTypeAttr is the "type" which must be on the owner of the attribute
//for the attribute to be assigned
attributeDefAttr.getAttributeDefScopeDelegate().assignTypeDependence(attributeDefTypeName);

inStem: The owner (group, stem, attributeDef) must be in a certain stem (directly)

attributeDefAttr.getAttributeDefScopeDelegate().assignStemScope(stem2);

nameLike: The owner (group, stem, attributeDef) must match a SQL like string. e.g. to do substem matching

attributeDefType.getAttributeDefScopeDelegate().assignStemSubScope(stem2);

You can also scope by owner name, id, subjectSourceId

Example of attribute type

Here is an attribute type, and a dependent attribute definition, in GSH

//create type
grouperSession = GrouperSession.startRootSession();
stemType = new StemSave(grouperSession).assignName("testStemType").assignStemNameToEdit("testStemType").save();
typeDef = stemType.addChildAttributeDef("typeDef", AttributeDefType.type);
typeDef = AttributeDefFinder.findByName("testStemType:typeDef", true);
typeDef.setAssignToGroup(true);
typeDef.store();
typeDefName = stemType.addChildAttributeDefName(typeDef, "typeDefName", "typeDefName");
typeDefName = AttributeDefNameFinder.findByName("testStemType:typeDefName", true);

//create attr
stemAttr = new StemSave(grouperSession).assignName("testStemAttr").assignStemNameToEdit("testStemAttr").save();
attrDef = stemAttr.addChildAttributeDef("attrDef", AttributeDefType.attr);
attrDef = AttributeDefFinder.findByName("testStemAttr:attrDef", true);
attrDef.setAssignToGroup(true);
attrDef.store();
attrDefName = stemAttr.addChildAttributeDefName(attrDef, "attrDefName", "attrDefName");
attrDefName = AttributeDefNameFinder.findByName("testStemAttr:attrDefName", true);

//link the attr with the type so without the type assigned, the attr cannot be assigned
attrDef.getAttributeDefScopeDelegate().assignTypeDependence(typeDefName);