Many thanks for the quick reply.
I'm evaluating syncope as identity manager.
I have user and groups coming from big db mapped in syncope as user and
roles.
Each role is associated with vcs calendar file, my goal is to check if user
can access to website according vcs file associated.
I've already done the script to check calendar with server time
I've already added the "vcs calendar file" as a binary schema.
My goal now is to understand how to add binary membership attribute via
curl passing a file .vcs.
I can't use string since vcs could be very long and so I added binary
attribute.
Json payload could be like this (I've modified your one simply adding {
"schema": "vcsCalendar",
"valuesToBeAdded": [
"fileCalendar"
],
"valuesToBeRemoved": []
} )
{
"id": 769,
"membershipsToAdd": [
{
"id": 0,
"role": 344,
"attributesToUpdate": [
{
"schema": "card_id",
"valuesToBeAdded": [
"90"
],
"valuesToBeRemoved": []
},
{
"schema": "vcsCalendar",
"valuesToBeAdded": [
"fileCalendar"
],
"valuesToBeRemoved": []
}
]
}
]
}
but I don't know how send vcs file via curl.
Thanks in advance
Regards
Umberto
2015-11-17 10:52 GMT+01:00 Francesco Chicchiriccò <[email protected]>:
> On 17/11/2015 09:58, Umberto Robustelli wrote:
>
> Good evening,
> I'm new to syncope.
>
>
> Hi,
> glad of your interest in Apache Syncope.
>
> My goal is to add user, role and membership to syncope via curl call to
> rest api
> I'm able to add user and role and I can also associate user with role
> through this call
>
> curl --request POST -H "Accept: application/json" --data '
> {"id":101,"membershipsToAdd":[{"role":100}]}' -u admin:password -H
> "Content-Type: application/json"
> <http://localhost:8085/syncope/rest/users/766>
> http://localhost:8085/syncope/rest/users/766
>
>
> Up to Syncope 1.2.X (which I presume you are running), memberships are the
> representation of the relation between users and roles.
> So, when you are associating an user with a role, you are in fact creating
> a membership.
>
> In the call above you are updating an user and adding a membership for the
> role with id 100.
>
> My question is about attribute and membership.
>
> Could you provide an example in which I can set attribute of membership?
>
> In my example I've two attributes: group_name (string) and calendar which
> is a file representing the calendar vcs binary type.
>
> I've try this call
> curl -H "Accept: application/json" --data
> '{"id":769,"membershipMod":[{"role":344}],"attributeMod":[{"schema":"card_id,"valuesToBeAdded":"90"}]}'
> -u admin:password -H "Content-Type: application/json"
> <http://localhost:8085/syncope/rest/users/769>
> http://localhost:8085/syncope/rest/users/769
>
> with this error
> <?xml version="1.0" encoding="UTF-8" standalone="yes"?><syncope:error
> xmlns:syncope=" <http://syncope.apache.org/1.2>
> http://syncope.apache.org/1.2";><elements><element xmlns:xsi="
> http://www.w3.org/2001/XMLSchema-instance"; xmlns:ns4="
> http://www.w3.org/2001/XMLSchema"; xsi:type="ns4:string">Unrecognized
> field "membershipsMod" (class org.apache.syncope.common.mod.UserMod), not
> marked as ignorable (16 known properties: "resourcesToAdd",
> "virAttrsToRemove", "resourcesToRemove", "securityQuestion",
> "virAttrsToUpdate", "membershipsToAdd", "pwdPropRequest",
> "derAttrsToRemove", "derAttrsToAdd", "username" [truncated]])
> at [Source: org.apache.cxf.transport.http.AbstractHTTPDestination$1@8790bd;
> line: 1, column: 29] (through reference chain:
> org.apache.syncope.common.mod.UserMod["membershipsMod"])</element></elements><status>500</status><type>Unknown</type></syncope:error>
>
>
> This error is reporting that 'memershipsMod' is not a field from UserMod;
> the closest match seems to be 'membershipsToAdd', as you did above.
> The JSON payload should then be something like as
>
> {
> "id": 769,
> "membershipsToAdd": [
> {
> "id": 0,
> "role": 344,
> "attributesToUpdate": [
> {
> "schema": "card_id",
> "valuesToBeAdded": [
> "90"
> ],
> "valuesToBeRemoved": []
> }
> ]
> }
> ]
> }
>
> Some useful references:
>
> * samples of REST API invocation via curl: [1]
>
> * sample usage of Java client library (there for bulk deletion, but can
> be adapted for other operations): [2]
>
> * REST API reference, which includes browsable XSD representation of all
> methods payloads and return types: [3]
>
> Finally, I would also suggest to work with admin console - after raising
> log levels to DEBUG [4] - and to take a look at URLs and payloads.
>
> How can send vcs calendar file through rest call?
>
>
> Hmm, probably the most effective way is to model the "vcs calendar file"
> as a string (or possibly binary) schema. In this way you would be setting
> the content of the vcs file as the value of a membership attribute.
>
> Your use case looks anyway interesting: would you like to provide some
> more context?
>
> Regards.
>
> [1]
> https://cwiki.apache.org/confluence/display/SYNCOPE/Call+REST+services+from+CLI#CallRESTservicesfromCLI-ApacheSyncope1.2.X
> [2]
> https://cwiki.apache.org/confluence/display/SYNCOPE/Delete+several+users+at+once
> [3] http://syncope.apache.org/rest/1.2/index.html
> [4] https://cwiki.apache.org/confluence/display/SYNCOPE/Log+levels
>
> --
> Francesco Chicchiriccò
>
> Tirasa - Open Source Excellencehttp://www.tirasa.net/
>
> Involved at The Apache Software Foundation:
> member, Syncope PMC chair, Cocoon PMC, Olingo
> PMChttp://people.apache.org/~ilgrosso/
>
>
