View Source

This is a feature in v2.6.8+ that allows select attributes to be editable in group edit screen (similar to the legacy Grouper "admin ui")

This was requested by Brown as they upgrade their legacy UI and keep a similar experience for users.

This also allows the attributes to be viewable on the group screen under "details"

When do use this

If the use case is at all provisioning related, consider using "provisioning metadata" which is a very similar concept and experience
If you need to use this for provisioning please contact the Grouper team about the use case

Demo

Applicable attributes

Single assign marker attributes (no value) will be a checkbox
Single assign single valued string attributes will be a textfield

Security

This uses stock group/attributeDef security

If the user
- can attributeRead on group
- can read on attribute definition
- then they will see the settings in the group view "details" section
If the user
- can attributeRead and attributeUpdate on group
- can read and update on attributeDef
- then they can edit the attributes in the group edit screen

Configure

grouper.properties

######################################
## Group types edit view
## Identify marker attributes or single valued string attributes to be viewed or edited on group screen
## "theConfigId" is the config ID of the attribute
######################################
 
# attribute name that should be able to be seen on screen, e.g. a:b:c
# {valueType: "string"}
# groupScreenType.theConfigId.attributeName = 
 
# label on the left side of screen for attribute
# {valueType: "string"}
# groupScreenType.theConfigId.label = 
 
# description on the right side of screen for attribute
# {valueType: "string"}
# groupScreenType.theConfigId.description = 
 
# numeric index of the order of the attribute on the screen
# {valueType: "integer"}
# groupScreenType.theConfigId.index =

Example (from screenshot above)

Make an attribute definition for the marker

Grouper > Grouper attribute framework attributes editable in group edit screen > image2022-3-1_17-3-42.png

Make a name for that

Grouper > Grouper attribute framework attributes editable in group edit screen > image2022-3-1_17-8-16.png

Make an attribute with a value

Grouper > Grouper attribute framework attributes editable in group edit screen > image2022-3-1_17-9-59.png

Make a name for the value def

Grouper > Grouper attribute framework attributes editable in group edit screen > image2022-3-1_17-11-8.png

Configure those up in grouper.properties

# attribute name that should be able to be seen on screen, e.g. a:b:c
# {valueType: "string"}
groupScreenType.azureMarker.attributeName = etc:attribute:myMfaAzure

# label on the left side of screen for attribute
# {valueType: "string"}
groupScreenType.azureMarker.label = Azure require MFA:

# description on the right side of screen for attribute
# {valueType: "string"}
groupScreenType.azureMarker.description = Check this box to require users in the group to have MFA required in Azure.  This rollout is based on org.  Users should have time to migrate and ensure their clients support MFA and do not get locked out.

# numeric index of the order of the attribute on the screen
# {valueType: "integer"}
groupScreenType.azureMarker.index = 1

# attribute name that should be able to be seen on screen, e.g. a:b:c
# {valueType: "string"}
groupScreenType.azureDate.attributeName = etc:attribute:myMfaAzureAttributeDate

# label on the left side of screen for attribute
# {valueType: "string"}
groupScreenType.azureDate.label = Azure MFA date:

# description on the right side of screen for attribute
# {valueType: "string"}
groupScreenType.azureDate.description = yyyy/mm/dd date of when users in this group will be required to use MFA in Azure.  The date format is required.

# numeric index of the order of the attribute on the screen
# {valueType: "integer"}
groupScreenType.azureDate.index = 2

Now anyone with proper privileges can view the attributes on the group details screen or edit them in the group edit screen