Thank you Marco! I think that now I'm able to implement a test case according to my purpose!
Regards 2015-11-05 17:29 GMT+01:00 Marco Di Sabatino Di Diodoro < [email protected]>: > > > Il 05/11/2015 17:11, Antonio Ciancio ha scritto: > > Marco thank you so much!!! > > I found your answar very useful for my purpose! > > In my test case i have to consider another membership attribute, the time > period in which users can access to a restricted area. > > Usually i use an object like this: > > BEGIN:VCALENDAR > PRODID: > VERSION:2.0 > BEGIN:VEVENT > SUMMARY:Office Hours > DTSTART:19700101T090000 > DTEND:19700101T170000 > RRULE:FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR > DTSTAMP:20121129T154801 > UID:6b350fc3c646e59e > END:VEVENT > END:VCALENDAR > > Would be possible, in Syncope, to set up this informations as a Membership > attributes? > > Yes, it's. You can modelling your solution as you want. > > Regards > Marco > > > Regars, > Antonio. > > 2015-11-05 15:41 GMT+01:00 Marco Di Sabatino Di Diodoro < > <[email protected]>[email protected]>: > >> Hi Antonio, >> >> Il 04/11/2015 15:10, Antonio Ciancio ha scritto: >> >> Hi all, >> >> I'm Antonio. I'm working on Syncope since two weeks. >> >> The context in which I work is the PACS (Physical Access Control System): >> >> Users have available one or more badges, each badge has an identification >> number; they allow to access in a restricted area using card readers. My >> system sends a REST request to Syncope with the following parameters: >> *card_ID, >> card_reader_ID, operation*; “operation” indicates the kind of action >> that users need to do (in, out, …). >> >> How can I map these three parameters in Syncope? In particular, How can I >> combine the card_ID parameter with the users? My idea is to combine the >> token field of the “SyncopeUser” table with the card_ID parameter, can I >> costumise it? If I can’t do it, which entity of Syncope can I use to map >> the “Card” parameter? >> >> Token field is a specific field with internal functions and it's better >> not override. >> Best way to map your requirements with Syncope is to use schemas, roles >> and memberships [1]. I suggest you to use "Syncope Roles" as CARD_READER >> entity with a role attribute where you can map the card_reader_ID. In >> addition, you have to create two membership attributes for the card_ID and >> operation fields. >> >> Now, you can assign to an user one or more roles (card reader) where every >> relationship user-role contains the card_ID and operation permissions of >> an user (membership attributes). If you want, you can configure your >> attributes multi-value (for example operation: "in, out"). >> >> As regard the Syncope response given after the REST request on the basis >> of Users needs, which entity can we use to determine this operation ( Role, >> Policy…)? >> >> For the authentication and authorization, you have to implement a new >> REST endpoint where you check if an user has assigned a role with the >> passed card_reader_ID and the card_ID and operation matches the membership >> values. >> >> Regards >> Marco >> >> [1] >> https://cwiki.apache.org/confluence/display/SYNCOPE/Schema%2C+attributes+and+mapping >> >> -- >> Dott. Marco Di Sabatino Di Diodoro >> Tel. +39 3939065570 >> >> Tirasa S.r.l. >> Viale D'Annunzio 267 - 65127 Pescara >> Tel +39 0859116307 / FAX +39 0859111173http://www.tirasa.net >> >> Apache Syncope PMC Memberhttp://people.apache.org/~mdisabatino/ >> >> > > -- > Dott. Marco Di Sabatino Di Diodoro > Tel. +39 3939065570 > > Tirasa S.r.l. > Viale D'Annunzio 267 - 65127 Pescara > Tel +39 0859116307 / FAX +39 0859111173http://www.tirasa.net > > Apache Syncope PMC Memberhttp://people.apache.org/~mdisabatino/ > >
