OpenIDM allows any attributes to be pushed for a Managed Object, which makes it a easy to customize as per the requirement. To allow only certain set of attributes to be pushed for a certain managed object, we need to create a script.
Let us consider an example, I want the managed user object to just have the below mentioned attributes:
_id (Mandatory attribute for Managed Object. This is defined internally so we cannot skip this)
userName
givenName
sn
mail
Now to implement this let's go to managed.json and reference the script under Managed Object User as below:
Now go to this path bin\defaults\script\ui and create the javascript with below piece of code:
/*Initializing non-mandatory attributes*/
if ( !object.mail ) { object.mail = ""; }
if ( !object.sn ) { object.sn = ""; }
/*Checking the allowed attributes*/
var requestContentAttribute;
var allowedObjectAttributes = ["_id","userName","givenName","mail","sn"];
var index = 0;
for (requestContentAttribute in object)
{
var fl = null;
for(index = 0; index < allowedObjectAttributes.length ; index++)
{
if(allowedObjectAttributes[index] === requestContentAttribute)
{
fl = true;
}
}
if (fl == null){
throw("Attribute Not Allowed!!!! " + requestContentAttribute);
}
}
Now try to create a user with attributes other than that provided above, error message should get displayed:
Now try creating a user with only allowed attributes, user will be created successfully...:)
Let us consider an example, I want the managed user object to just have the below mentioned attributes:
_id (Mandatory attribute for Managed Object. This is defined internally so we cannot skip this)
userName
givenName
sn
Now to implement this let's go to managed.json and reference the script under Managed Object User as below:
 |
| managed.json |
/*Initializing non-mandatory attributes*/
if ( !object.mail ) { object.mail = ""; }
if ( !object.sn ) { object.sn = ""; }
/*Checking the allowed attributes*/
var requestContentAttribute;
var allowedObjectAttributes = ["_id","userName","givenName","mail","sn"];
var index = 0;
for (requestContentAttribute in object)
{
var fl = null;
for(index = 0; index < allowedObjectAttributes.length ; index++)
{
if(allowedObjectAttributes[index] === requestContentAttribute)
{
fl = true;
}
}
if (fl == null){
throw("Attribute Not Allowed!!!! " + requestContentAttribute);
}
}
Now try to create a user with attributes other than that provided above, error message should get displayed:
 |
| CreatUserRequest |
 |
| Error Message in Logs |
No comments:
Post a Comment