Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
tutorial:adm:roles_-_import_data_from_csv [2019/06/10 11:09]
hanakp [Fill all attributes] 		tutorial:adm:roles_-_import_data_from_csv [2019/07/11 11:47]
doischert
Line 1: Line 1:
 ====== Roles - Import of data from CSV ====== ====== Roles - Import of data from CSV ======
  
-==== Prepare CSV file ====+===== 1a. Prepare some virtual system =====
  
-Here is an example of CSV file which can be used for import roles.+Please use [[tutorial:adm:how_to_create_virtual_system|this]] tutorial to do so! 
 + 
 +==== 1b. Prepare CSV file ==== 
 + 
 +Here is an example of CSV file which can be used for importing (or updating) roles, setting their role attributes, guarantees (by user, or by role) and criticalityTo use this CSV file, create a new identity with user name "user_login", and a new role with code "role_code"
  
 <code> <code>
-roles;description +roles;description;attribute;criticality;guarantee;guarantee role; 
-Manager;Some role description +Manager-A;Leader; 
-"MASTER RO +LAY-SP;Manager;attr1;3;user_login;role_code 
-PAY-OP +"CORE-CLOSE 
-PAY-SP +AB-role";desc;attr1
-PAY-BLL +
-AMT-BLK +
-ACC-CLOSE";Some roles description+
 </code> </code>
  
-As you can see roles column can be single or multivalued. For multivalued roles, description will be added to every role.+As you can see roles column can contain single or multiple values (separated by a line; the separator can be specified in the settings of the LRT). For multivalued roles, values from the same row will be added to every role. The only exception here is role criticality which cannot be multivalued. 
 +CSV file can have optional number of columns: column names are specified in setup of LRT. 
 + 
 +The result of this LRT used with this CSV file should: 
 +  * 4 new roles (Manager-A, LAY-SP, CORE-CLOSE, AB-role) 
 +  * Manager-A will only have a description set (Leader) 
 +  * LAY-SP will have a description (Manager), attribute (attr1), criticality (3), guarantee by identity (with user-name "user-login"), and guarantee by role (with role-code "role_code) set. 
 +  * Roles CORE-CLOSE and AB-role will have a description ("desc"), and attribute (attr1) set.
  
 ==== Create new LongRunningTask ==== ==== Create new LongRunningTask ====
  
-Now we will create the new LongRunningTask(LRT). As shown in the picture, go to Settings → Task scheduler → Scheduled tasks and hit green "Add" button to add new LRT.+Now we will create the new LongRunningTask (LRT). As shown in the picture, go to Settings → Task scheduler → Scheduled tasks and hit green "Add" button to add new LRT. 
 + 
 +{{ :tutorial:adm:03_scheduler.png?direct&1200 |}}
  
 ==== Fill all attributes ==== ==== Fill all attributes ====
Line 29: Line 39:
 - Import csv file - dropzone to select or drop csv file - Import csv file - dropzone to select or drop csv file
 - Column with roles - Name of the column with roles in csv file - Column with roles - Name of the column with roles in csv file
-- Column with description - name of the column with role description, can be also used to update description +- Column with description - name of the column with role description, can be also used to update description (if your CSV file doesn't contain descriptions, i.e., you are not setting description for any of your roles, leave this line empty)  
-- Column separator - separator of columns in csv file +- Column with attributes - name of the column with role attributes, can be also used to update attributes (if your CSV file doesn't contain attributes, i.e., you are not setting attributes for any of your roles, leave this line empty) 
-- Multi value separator - ( Char, default: new line ) separator of multi value values in csv file+- Column with criticality - name of the column with role criticality, can be also used to update criticality (if your CSV file doesn't contain criticality, i.e., you are not setting criticality for any of your roles, leave this line empty) 
 +- Column with guarantee - name of the column with role guarantee by identity login, can be also used to update guarantee (if your CSV file doesn't contain guarantees, i.e., you are not setting guarantees for any of your roles, leave this line empty) 
 +- Column with guarantee role - name of the column with role guarantee by role code, can be also used to update role guarantee (if your CSV file doesn't contain role guarantees, i.e., you are not setting role guarantees for any of your roles, leave this line empty) 
 +- Form definition code - the code for the definition which will contain the added attributes 
 +- Column separator - separator of columns in csv file (default ; ) 
 +- Multi value separator - (Char, default: new line) separator of multi valued role names in the csv file, new line separator is default export from excel, but for better clarity of the csv file, it's recommended to use some symbol instead
 - System name - name of the system to connect with roles - System name - name of the system to connect with roles
-- MemberOf attribute name - ( default: rights ) - name of multi valued attribute for merge, attribute named "rights" is automatically created on every virtual system, but you can create your own and change setup of LRT +- MemberOf attribute name - (default: rights) - name of multi valued attribute for merge, attribute named "rights" is automatically created on every virtual system, but you can create your own and change setup of LRT 
-- Can be requested - ( Boolean ) - Fills can be requested, can be also used to update already imported settings+- Can be requested - (Boolean) - Fills can be requested, can be also used to update already imported settings 
 + 
 +<note important>If you are updating the roles, make sure to set the same form definition the role already have (if they have any). Also, each role can only have one definition, so if you by mistake set a different definition in the LRT configuration, you will likely get an error. Generally, DO NOT use this LRT to change the definition of a role. You can only change the definition if the role has no attributes set yet.</note> 
 + 
 +<note>This LRT can be used to update existing values but it **does not** remove old values. The only overwritten value during update is role criticality.</note> 
 + 
 +{{ :tutorial:adm:01_conflrt.png?direct&600 |}} 
 +{{ :tutorial:adm:02_conflrt2.png?direct&600 |}}
  
-{{:tutorial:adm:import-roles-lrt.png?500|}} 
 ==== Run the task ==== ==== Run the task ====
  
Line 43: Line 64:
 {{:tutorial:adm:aaaaaaaa6.png?100|}} {{:tutorial:adm:aaaaaaaa6.png?100|}}
  
-And we also need to process it in all tasks.+You can check the status of the created roles in the "all tasks" panel in the task detail. Here you can find information about roles created, updated, or already existing. 
 + 
 +At this point, everything should be set up and when the task ends, roles are imported in IdM with their attributes, placed in the catalogue named by the system name. 
 + 
 +{{ :tutorial:adm:04_resultrole.png?direct&1200 |}}
  
-{{:tutorial:adm:aaaaaaaa7.png?400|}}+==== Known issues ====
  
-You can check status about created roles in "all tasks" panel in task detail.+If you delete or upload new file via dropzone, you should delete old files, created from previous uploads.
  
-Everything should be set up so far and when the task ends, roles are imported in IdM, placed in catalogue named by system name. 
  • by apeterova