Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
tutorial:adm:roles_-_import_data_from_csv [2019/07/09 06:56] doischert |
tutorial:adm:roles_-_import_data_from_csv [2022/09/05 14:18] apeterova fixed formatting |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Roles - Import of data from CSV ====== | ====== Roles - Import of data from CSV ====== | ||
- | ===== 1a. Prepare | + | ==== 1. Prepare |
- | Please | + | Here is an example of a CSV file which can be used for importing (or updating) roles, setting their role attributes, guarantees (by user, or by role) and criticality, |
- | ==== 1b. Prepare CSV file ==== | + | < |
+ | roles; | ||
+ | testimportrolename; | ||
- | Here is an example of CSV file which can be used for importing (or updating) roles and set their role attributes. | ||
- | |||
- | < | ||
- | roles; | ||
- | Manager-A; | ||
- | LAY-SP; | ||
- | " | ||
- | AB-role"; | ||
</ | </ | ||
- | As you can see roles column can contain single or multiple values (separated by a line; the separator can be specified in the settings of the LRT). For multivalued roles, | + | In Excel, it looks like this: {{ .: |
- | CSV file can have optional number of columns, role, description, | + | |
+ | As you can see roles column can contain single or multiple values (separated by a line; the separator can be specified in the settings of the LRT). For multivalued roles, | ||
+ | |||
+ | The result of this LRT used with this CSV file should be that one new role testimportrolename (with code testimportrolecode) will be created. It will have these properties: | ||
+ | |||
+ | * description: | ||
+ | * attribute: ' | ||
+ | * guarantee: user with username ' | ||
+ | * guarantee by role: role with the code ' | ||
+ | * criticality: | ||
+ | * catalogue: it will be in ' | ||
+ | * it will have EAV with code ' | ||
+ | * it will create an account on system ' | ||
+ | |||
+ | <note important> | ||
==== Create new LongRunningTask ==== | ==== Create new LongRunningTask ==== | ||
- | Now we will create the new LongRunningTask (LRT). As shown in the picture, go to Settings → Task scheduler → Scheduled tasks and hit green " | + | Now we will create the new LongRunningTask (LRT). As shown in the picture, go to Settings → Task scheduler → Scheduled tasks and hit green " |
- | {{ : | + | {{ .: |
==== Fill all attributes ==== | ==== Fill all attributes ==== | ||
Line 30: | Line 38: | ||
Now we need to create new LRT with these attributes: | Now we need to create new LRT with these attributes: | ||
- | - Task type - **ImportRolesFromCSVExecutor** | + | **General:** |
- | - Import csv file - dropzone to select or drop csv file | + | |
- | - Column with roles - Name of the column with roles in csv file | + | |
- | - Column with description - name of the column with role description, | + | |
- | - Column with attributes - name of the column with role attributes, can be also used to update attributes | + | |
- | - Form definition code - the code for the definition which will contain the added attributes | + | |
- | - Column separator - separator of columns in csv file (default ; ) | + | |
- | - Multi value separator - (Char, default: new line) separator of multi valued role names in the csv file, new line separator is default export from excel, but for better clarity of the csv file, it's recommended to use some symbol instead | + | |
- | - System name - name of the system to connect with roles | + | |
- | - MemberOf attribute name - (default: rights) - name of multi valued attribute for merge, attribute named " | + | |
- | - Can be requested - (Boolean) - Fills can be requested, can be also used to update already imported settings | + | |
- | <note important> | + | * Upload a CSV file - dropzone to select or drop csv file |
+ | * Column with role names - name of the column with roles in csv file | ||
+ | * Column with role codes - name of the column with role codes in csv file; if left empty, the role code is based on the role name, only spaces are replaced by underscores | ||
+ | * Column with description - name of the column with role description, | ||
+ | * Column with criticality - name of the column with role criticality, | ||
+ | * Column with catalogue names - name of the column with catalogue names, can be also used to update catalogue names (if your CSV file doesn' | ||
+ | * Column with subrole codes - name of the column with subordinate roles codes, can be also used to update subordinate roles (if your CSV file doesn' | ||
+ | * Column separator - separator of columns in csv file (default ; ) | ||
+ | * Multi value separator - (Char, default: |) separator of multi valued role names in the csv file, new line separator is default export from excel, but for better clarity of the csv file, it's recommended | ||
+ | * Role environment - the name of the environment to which you want to add the role; only supported during creating, not updating roles! | ||
+ | * Can be requested - (Boolean) - Roles can be requested, can be also used to update already imported settings; it allows not selecting value when updating (not when creating!) roles which will not change the Can be requested property of roles. When creating roles, either Yes or No must be selected. | ||
- | {{ :tutorial:adm:01_conflrt.png? | + | **Role attributes:** |
- | {{ :tutorial:adm:02_conflrt2.png?direct&600 |}} | + | |
+ | * Column with role attributes - name of the column with role attributes, can be also used to update attributes (if your CSV file doesn' | ||
+ | * Form definition code - the code for the definition which will contain the added attributes (you only have to fill this if you are setting attributes) | ||
+ | |||
+ | **Role EAVs:** | ||
+ | |||
+ | You can set value to multiple role EAVs. The mechanism used for this is prefixes which are followed by the order number of the column (e. g., ' | ||
+ | |||
+ | * Prefix of column with name of EAV attribute: Only attributes from the main role definition can be imported and they must of type SHORTTEXT. Supports update (the current value of the attribute will be overwritten if imported). | ||
+ | * Prefix of column with value of EAV attribute | ||
+ | |||
+ | **Guarantees: | ||
+ | |||
+ | * Column with guarantee - name of the column with role guarantee by identity login, can be also used to update guarantee (if your CSV file doesn' | ||
+ | * Column with guarantee types - name of the column with role guarantee by identity [[.: | ||
+ | * Update guarantee types - check if you want to add new guarantee type to an existing guarantee (this will create a new guarantee with the selected type, the original one will still exist) (since Extras 2.2.0) | ||
+ | * Column with guarantee role - name of the column with role guarantee by role code, can be also used to update role guarantee (if your CSV file doesn' | ||
+ | * Column with guarantee role types - name of the column with role guarantee by role [[.:new_role|type]] (if your CSV file doesn' | ||
+ | * Update guarantee role types - check if you want to add new guarantee type to an existing guarantee role (this will create a new guarantee with the selected type, the original one will still exist) (since Extras 2.2.0) | ||
+ | |||
+ | **System:** | ||
+ | |||
+ | You can set attributes at multiple systems or set multiple attributes in one system. The mechanism used for this is prefixes which are followed by the order number of the column (e. g., ' | ||
+ | |||
+ | * Prefix of column with system name | ||
+ | * Prefix of column with system attribute codes | ||
+ | * Prefix of column with system attribute values: The attribute has to a multivalued attribute with merge strategy set. | ||
+ | |||
+ | <note important> | ||
+ | |||
+ | < | ||
+ | |||
+ | {{ .: | ||
==== Run the task ==== | ==== Run the task ==== | ||
- | Now we just need to hit run. | + | Now we need to hit run. |
- | {{: | + | {{.: |
- | You can check the status of the created roles in the "all tasks" panel in the task detail. Here you can find information about roles created, | + | Now we must go to the "all tasks" panel, select |
- | At this point, everything should be set up and when the task ends, roles are imported in IdM with their attributes, placed in the catalogue named by the system name. | + | {{ |
- | {{ : | + | You can also check the status of the created roles there in the task detail. Here you can find information about roles created, updated, or already existing. |
+ | |||
+ | At this point, everything should be set up and when the task ends, roles are imported in IdM with their attributes and other imported values, and placed in the catalogue named by the system name. | ||
+ | |||
+ | {{ .: | ||
==== Known issues ==== | ==== Known issues ==== | ||
If you delete or upload new file via dropzone, you should delete old files, created from previous uploads. | If you delete or upload new file via dropzone, you should delete old files, created from previous uploads. | ||
+ | |||