Assign roles to contract EAV - Import of data from CSV

This task assigns roles to contracts. You can either assign roles to every contract of the user, to the main contract, or to a contract specified by contract EAV values.

Here is an example of CSV file which can be used for import role definitions.

login;role;eavname1;eavvalue1;eavname2;eavvalue2;roleattributename1;roleattributevalue1
john;role1,role2;eav1;123;eav2;321,roleAttribute,attributeValue

As a result, this task will assign roles with the code 'role1' and 'role2' to a user with username 'john' on a contract which has the value of a contract EAV 'eav1' '123' and 'eav2' '321', if such contract exists. It will also set role attribute "roleAttribute" to value "attributeValue". Note that if no such parameter exists, import task will simply skip this and it wont fail.

If you want to assign roles to the main contract or to all contracts, you only need to specify the username and the roles.

login;role
john;role1,role2

Now we will create the new LongRunningTask(LRT). As shown in the picture, go to Settings → Task scheduler → Scheduled tasks and hit green "Add" button to add new LRT.

Now we need to create new LRT with these attributes:

- Task type - Import assigned roles - Column separator - separator of columns in csv file - File encoding type - insert encoding of your csv file. Default value is UTF-8 - Upload CSV file - dropzone to select or drop csv file - Column with roles - Name of the column with roles in csv file. - Column with username - name of the column with username - Roles assignment contract type - Asign roles to one of the options:

  • allContracts - assigns roles to all valid and future contracts
  • primeContract - assigns roles to prime/main contract
  • eavContract - assigns roles to contract with specified EAV

- Prefix of column name with contract attribute name - Prefix of column with contract eav code in the csv file. You can use any number of EAV attributes you choose, only make sure to add numbers after the prefix starting with 1. Mandatory if you choose assign to eavContract. (See the first example of a CSV file above.) - Prefix of column name with contract attribute value - Prefix of column with contract eav value in the csv file. You can use any number of EAV attributes you choose, only make sure to add numbers after the prefix starting with 1. Mandatory if you choose to assign to eavContract. (See the first example of a CSV file above.) - Multi value separator - separator of roles column in csv file. This works ONLY for the roles column. You also need to tick the checkbox. - Contract definition - specify IdmIdentityContract definition code. Use it optionally when you choose to assign to eavContract. The default value is default. - Prefix of column with the name of the role parameter. - Prefix of column with the value of the role parameter. Optionally you can fill role validity (valid from and valid till), with this option you have to also fill date format (Example: "yyyy-MM-dd").

There is a known issue with importing unique role attributes. If the attribute is defined as unique, you need to have unique values for the attribute in your input csv file. If values are not unique, there is a possibility to create non unique values in IdM due to the asynchronous nature of role requests.

assignrolesfromcsv.jpg

Now we just need to hit run.

And we also need to process it in all tasks.

You can check status about created role definitions in "all tasks" panel in task detail. Here you can find information about created or already existing automatic role definitions.

Everything should be set up and when the task ends, roles which was in IdM are assigned to contract with eav value same as in CSV.

If you delete or upload new file via dropzone, you should delete old files, created from previous uploads.

  • by cabelkal