The Grouper custom UI
This is a new feature in 2.4.57+
To use this a group is configured with attributes
Then there is link in the More Actions menu
Example configuration
The configuration is simple javabeans in JSON format
| Field | Type | Description |
|---|---|---|
| managersCanSeeUserEnvironment | Boolean | if managers can see user environment (default true) |
| managersCanAssignVariables | Boolean | if managers can assign variables in browser for testing (default false) |
| managersCanSeeScreenState | Boolean | if managers can see screen state (default false) |
| usersCanSeeUserEnvironment | Boolean | if users can see environment table (default false) |
| emailEnrollSubject | String | subject of email when someone enrolls |
| emailEnrollBody | String | body of email when someone enrolls |
| emailUnenrollSubject | String | subject of email when someone unenrolls |
| emailUnenrollBody | String | body of email when someone unenrolls |
| sendEmailWhenManagerMakesChanges | Boolean | if user is emailed when manager adds/removes from custom ui |
| emailToUser | Boolean | if user is emailed when using join/leave |
| emailBccToGroupName | String | group name that is bcc'ed on usage |
GSH example to generate the JSON
customUiOverallBean = new edu.internet2.middleware.grouper.ui.customUi.CustomUiOverallBean();
customUiOverallBean.setManagersCanAssignVariables(true);
customUiOverallBean.setEmailToUser(true);
customUiOverallBean.setEmailBccToGroupName("penn:isc:ait:apps:O365:twoStepProd:simpleEnrollUnenroll:o365twoStepAllowedToAdmin");
customUiOverallBean.setEmailEnrollBody("${textContainer.text['penn_o365twoStep_enroll_emailBody']}");
customUiOverallBean.setEmailEnrollSubject("${textContainer.text['penn_o365twoStep_enroll_emailSubject']}");
customUiOverallBean.setEmailUnenrollBody("${textContainer.text['penn_o365twoStep_unenroll_emailBody']}");
customUiOverallBean.setEmailUnenrollSubject("${textContainer.text['penn_o365twoStep_unenroll_emailSubject']}");
customUiOverallBean.setSendEmailWhenManagerMakesChanges(true);
customUiOverallBean.setManagersCanSeeScreenState(true);
customUiOverallBean.setManagersCanSeeUserEnvironment(false);
System.out.println(GrouperUtil.jsonConvertTo(customUiOverallBean, false));
|
Example JSON
{
"managersCanSeeUserEnvironment":false,
"emailEnrollBody":"${textContainer.text['penn_o365twoStep_enroll_emailBody']}",
"emailEnrollSubject":"${textContainer.text['penn_o365twoStep_enroll_emailSubject']}",
"emailToUser":true,
"emailUnenrollBody":"${textContainer.text['penn_o365twoStep_unenroll_emailBody']}",
"emailBccToGroupName":"penn:isc:ait:apps:O365:twoStepProd:simpleEnrollUnenroll:o365twoStepAllowedToAdmin",
"sendEmailWhenManagerMakesChanges":true,
"managersCanSeeScreenState":true,
"emailUnenrollSubject":"${textContainer.text['penn_o365twoStep_unenroll_emailSubject']}",
"managersCanAssignVariables":true
} |
Configure in grouper.properties
grouper.azureConnector.myAzure.loginEndpoint = https://login.microsoftonline.com
grouper.azureConnector.myAzure.DirectoryID = 6c4dxxx0d
grouper.azureConnector.myAzure.client_id = fd805xxxxdfb
grouper.azureConnector.myAzure.client_secret = ******************
grouper.azureConnector.myAzure.resource = https://graph.microsoft.com
grouper.azureConnector.myAzure.graphEndpoint = https://graph.microsoft.com
grouper.azureConnector.myAzure.graphVersion = v1.0
grouper.azureConnector.myAzure.groupLookupAttribute = displayName
grouper.azureConnector.myAzure.groupLookupValueFormat = ${group.getName()}
grouper.azureConnector.myAzure.requireSubjectAttribute = PENNNAME
grouper.azureConnector.myAzure.subjectIdValueFormat = ${subject.getAttributeValue("PENNNAME")}@upenn.edu |
Run a membership check