On 17/11/2015 12:56, Umberto Robustelli wrote:
Many thanks for the quick reply.
I'm evaluating syncope as identity manager.
I have user and groups coming from big db mapped in syncope as user
and roles.
Each role is associated with vcs calendar file, my goal is to check if
user can access to website according vcs file associated.
I've already done the script to check calendar with server time
I've already added the "vcs calendar file" as a binary schema.
My goal now is to understand how to add binary membership attribute
via curl passing a file .vcs.
I can't use string since vcs could be very long and so I added binary
attribute.
Since you need to pass values (e.g. the VCS file content in your case)
via JSON - which is a string format, like as XML - you should understand
that there is no alternative than using a string representation.
For string schemas, the value is a bare string.
For binary schemas, the value is the Base64 encoding of the original
value (supposed to be binary): this is the way to pass images,
certificates and other binary objects to Syncope.
Using a string schema in your case is not that bad; about your size
concerns, I'd say you have nothing to be worried, the HTTP POST payload
can be reasonably adapted to fit.
Alternatively, you can think to use a binary schema to store a zipped
stream from the original VCS (string) value.
HTH
Regards.
Json payload could be like this (I've modified your one simply adding
{
"schema": "vcsCalendar",
"valuesToBeAdded": [
"fileCalendar"
],
"valuesToBeRemoved": []
} )
{
"id": 769,
"membershipsToAdd": [
{
"id": 0,
"role": 344,
"attributesToUpdate": [
{
"schema": "card_id",
"valuesToBeAdded": [
"90"
],
"valuesToBeRemoved": []
},
{
"schema": "vcsCalendar",
"valuesToBeAdded": [
"fileCalendar"
],
"valuesToBeRemoved": []
}
]
}
]
}
but I don't know how send vcs file via curl.
Thanks in advance
Regards
Umberto
2015-11-17 10:52 GMT+01:00 Francesco Chicchiriccò <[email protected]
<mailto:[email protected]>>:
On 17/11/2015 09:58, Umberto Robustelli wrote:
Good evening,
I'm new to syncope.
Hi,
glad of your interest in Apache Syncope.
My goal is to add user, role and membership to syncope via curl
call to rest api
I'm able to add user and role and I can also associate user
with role through this call
curl --request POST -H "Accept: application/json" --data '
{"id":101,"membershipsToAdd":[{"role":100}]}' -u admin:password
-H "Content-Type: application/json"
http://localhost:8085/syncope/rest/users/766
Up to Syncope 1.2.X (which I presume you are running), memberships
are the representation of the relation between users and roles.
So, when you are associating an user with a role, you are in fact
creating a membership.
In the call above you are updating an user and adding a membership
for the role with id 100.
My question is about attribute and membership.
Could you provide an example in which I can set attribute of
membership?
In my example I've two attributes: group_name (string) and
calendar which is a file representing the calendar vcs binary type.
I've try this call
curl -H "Accept: application/json" --data
'{"id":769,"membershipMod":[{"role":344}],"attributeMod":[{"schema":"card_id,"valuesToBeAdded":"90"}]}'
-u admin:password -H "Content-Type: application/json"
http://localhost:8085/syncope/rest/users/769
with this error
<?xml version="1.0" encoding="UTF-8"
standalone="yes"?><syncope:error
xmlns:syncope="http://syncope.apache.org/1.2";><elements><element
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:ns4="http://www.w3.org/2001/XMLSchema";
xsi:type="ns4:string">Unrecognized field "membershipsMod" (class
org.apache.syncope.common.mod.UserMod), not marked as ignorable
(16 known properties: "resourcesToAdd", "virAttrsToRemove",
"resourcesToRemove", "securityQuestion", "virAttrsToUpdate",
"membershipsToAdd", "pwdPropRequest", "derAttrsToRemove",
"derAttrsToAdd", "username" [truncated]])
at [Source:
org.apache.cxf.transport.http.AbstractHTTPDestination$1@8790bd;
line: 1, column: 29] (through reference chain:
org.apache.syncope.common.mod.UserMod["membershipsMod"])</element></elements><status>500</status><type>Unknown</type></syncope:error>
This error is reporting that 'memershipsMod' is not a field from
UserMod; the closest match seems to be 'membershipsToAdd', as you
did above.
The JSON payload should then be something like as
{
"id": 769,
"membershipsToAdd": [
{
"id": 0,
"role": 344,
"attributesToUpdate": [
{
"schema": "card_id",
"valuesToBeAdded": [
"90"
],
"valuesToBeRemoved": []
}
]
}
]
}
Some useful references:
* samples of REST API invocation via curl: [1]
* sample usage of Java client library (there for bulk deletion,
but can be adapted for other operations): [2]
* REST API reference, which includes browsable XSD representation
of all methods payloads and return types: [3]
Finally, I would also suggest to work with admin console - after
raising log levels to DEBUG [4] - and to take a look at URLs and
payloads.
How can send vcs calendar file through rest call?
Hmm, probably the most effective way is to model the "vcs calendar
file" as a string (or possibly binary) schema. In this way you
would be setting the content of the vcs file as the value of a
membership attribute.
Your use case looks anyway interesting: would you like to provide
some more context?
Regards.
[1]
https://cwiki.apache.org/confluence/display/SYNCOPE/Call+REST+services+from+CLI#CallRESTservicesfromCLI-ApacheSyncope1.2.X
[2]
https://cwiki.apache.org/confluence/display/SYNCOPE/Delete+several+users+at+once
[3] http://syncope.apache.org/rest/1.2/index.html
[4] https://cwiki.apache.org/confluence/display/SYNCOPE/Log+levels
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Involved at The Apache Software Foundation:
member, Syncope PMC chair, Cocoon PMC, Olingo PMC
http://people.apache.org/~ilgrosso/
