Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
- xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
- xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
- xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
- xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
- xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
- oid="6501b91e-5623-4c08-9e13-8726672ae733"
- version="3">
- <name>User Group Metarole</name>
- <metadata>
- <createTimestamp>2016-05-24T23:41:25.735Z</createTimestamp>
- <creatorRef oid="00000000-0000-0000-0000-000000000002" type="c:UserType"><!-- administrator --></creatorRef>
- <createChannel>http://midpoint.evolveum.com/xml/ns/public/model/channels-3#objectImport</createChannel>
- </metadata>
- <inducement id="1">
- <construction>
- <resourceRef oid="a0741b12-c96d-491d-8213-ecad84ab490e" type="c:ResourceType"><!-- OpenLDAP Accounts Schema --></resourceRef>
- <kind>entitlement</kind>
- <intent>userGroups_posix</intent>
- </construction>
- </inducement>
- <inducement id="2">
- <construction>
- <resourceRef oid="a0741b12-c96d-491d-8213-ecad84ab490e" type="c:ResourceType"><!-- OpenLDAP Accounts Schema --></resourceRef>
- <kind>entitlement</kind>
- <intent>userGroups_GoN</intent>
- </construction>
- </inducement>
- <inducement id="3">
- <construction>
- <resourceRef oid="a0741b12-c96d-491d-8213-ecad84ab490e" type="c:ResourceType"><!-- OpenLDAP Accounts Schema --></resourceRef>
- <kind>account</kind>
- <intent>default</intent>
- <attribute>
- <c:ref>ri:sshPublicKey</c:ref>
- <limitations>
- <minOccurs>0</minOccurs>
- <access>
- <read>true</read>
- <add>true</add>
- <modify>true</modify>
- </access>
- </limitations>
- <outbound>
- <expression>
- <value>0</value>
- </expression>
- </outbound>
- </attribute>
- <attribute>
- <c:ref>ri:gidNumber</c:ref>
- <outbound>
- <expression>
- <value>100</value>
- </expression>
- </outbound>
- </attribute>
- <association>
- <c:ref>userGroups_GoN</c:ref>
- <outbound>
- <expression>
- <associationFromLink>
- <projectionDiscriminator>
- <kind>entitlement</kind>
- <intent>userGroups_GoN</intent>
- </projectionDiscriminator>
- </associationFromLink>
- </expression>
- </outbound>
- </association>
- <association>
- <c:ref>userGroups_posix</c:ref>
- <outbound>
- <expression>
- <associationFromLink>
- <projectionDiscriminator>
- <kind>entitlement</kind>
- <intent>userGroups_posix</intent>
- </projectionDiscriminator>
- </associationFromLink>
- </expression>
- </outbound>
- </association>
- </construction>
- <order>2</order>
- <condition>
- <source>
- <c:path>$user/employeeType</c:path>
- </source>
- <expression>
- <script>
- <code>employeeType == 'user'</code>
- </script>
- </expression>
- </condition>
- </inducement>
- <inducement id="6">
- <construction>
- <resourceRef oid="a0741b12-c96d-491d-8213-ecad84ab490e" type="c:ResourceType"><!-- OpenLDAP Accounts Schema --></resourceRef>
- <kind>account</kind>
- <intent>service</intent>
- <attribute>
- <c:ref>ri:sshPublicKey</c:ref>
- <limitations>
- <minOccurs>0</minOccurs>
- <access>
- <read>true</read>
- <add>true</add>
- <modify>true</modify>
- </access>
- </limitations>
- <outbound>
- <expression>
- <value>0</value>
- </expression>
- </outbound>
- </attribute>
- <attribute>
- <c:ref>ri:gidNumber</c:ref>
- <outbound>
- <strength>strong</strength>
- <source>
- <c:path>extension/uidNumber</c:path>
- </source>
- </outbound>
- </attribute>
- <association>
- <c:ref>userGroups_GoN</c:ref>
- <outbound>
- <expression>
- <associationFromLink>
- <projectionDiscriminator>
- <kind>entitlement</kind>
- <intent>userGroups_GoN</intent>
- </projectionDiscriminator>
- </associationFromLink>
- </expression>
- </outbound>
- </association>
- <association>
- <c:ref>userGroups_posix</c:ref>
- <outbound>
- <expression>
- <associationFromLink>
- <projectionDiscriminator>
- <kind>entitlement</kind>
- <intent>userGroups_posix</intent>
- </projectionDiscriminator>
- </associationFromLink>
- </expression>
- </outbound>
- </association>
- </construction>
- <order>2</order>
- <condition>
- <source>
- <c:path>$user/employeeType</c:path>
- </source>
- <expression>
- <script>
- <code>employeeType == 'service'</code>
- </script>
- </expression>
- </condition>
- </inducement>
- <inducement id="4">
- <focusMappings>
- <mapping>
- <name>sequenceGID</name>
- <strength>weak</strength>
- <expression>
- <sequentialValue>
- <sequenceRef oid="e35a6807-b8c8-4c42-8a71-4ee5c104d9b7"/>
- </sequentialValue>
- </expression>
- <target>
- <c:path>extension/gidNumber</c:path>
- </target>
- </mapping>
- </focusMappings>
- </inducement>
- <inducement id="5">
- <focusMappings>
- <mapping>
- <name>sequenceUID</name>
- <strength>weak</strength>
- <expression>
- <sequentialValue>
- <sequenceRef oid="7d4acb8c-65e3-11e5-9ef4-6382ba96fe6c"/>
- </sequentialValue>
- </expression>
- <target>
- <c:path>extension/uidNumber</c:path>
- </target>
- </mapping>
- </focusMappings>
- <order>2</order>
- </inducement>
- </role>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
