Example of Collection report: Comparing attributes of shadow and attributes of user in midPoint

Last modified 21 Feb 2022 16:23 +01:00

Please see Report configuration for basic information about configuration variables.

Usecase

We need report users with mismatched attributes, so we have to compare attributes of account of user and attributes of user in Midpoint. We create example which compare email prefix of user in Midpoint with firstname and lastname attributes of account chained by '.'.

Configuration

We need import object collection and report.

Object collection XML
<objectCollection oid="72b1f98e-f587-4b9f-b92b-72e251dbb244">
    <name>Account shadow R1</name>
    <type>ShadowType</type>
    <filter>
        <and>
            <ref>
                <path>resourceRef</path>
                <value oid="----OID_OF_YOUR_RESOURCE----"/>
            </ref>
            <equal>
                <path>kind</path>
                <value>account</value>
            </equal>
        </and>
    </filter>
</objectCollection>

Please replace '----OID_OF_YOUR_RESOURCE----' with oid of your resource.

Report XML
<report>
    <name>Comparing attributes</name>
    <assignment>
        <targetRef oid="00000000-0000-0000-0000-000000000171" relation="default" type="ArchetypeType">
            <!-- Collection report -->
        </targetRef>
    </assignment>
    <archetypeRef oid="00000000-0000-0000-0000-000000000171" relation="default" type="ArchetypeType">
        <!-- Collection report -->
    </archetypeRef>
    <roleMembershipRef oid="00000000-0000-0000-0000-000000000171" relation="default" type="ArchetypeType">
        <!-- Collection report -->
    </roleMembershipRef>
    <objectCollection>
        <collection>
            <collectionRef oid="72b1f98e-f587-4b9f-b92b-72e251dbb244" relation="default" type="ObjectCollectionType">
                <!-- Account shadow R1 -->
            </collectionRef>
        </collection>
        <view>
            <identifier>default-shadow</identifier>
            <column>
                <name>nameColumn</name>
                <path>attributes/login</path>
                <display>
                    <label>Login</label>
                </display>
            </column>
            <column>
                <name>firstNameColumn</name>
                <path>attributes/firstname</path>
                <display>
                    <label>First name</label>
                </display>
                <previousColumn>nameColumn</previousColumn>
            </column>
            <column>
                <name>lastNameColumn</name>
                <path>attributes/lastname</path>
                <display>
                    <label>Last name</label>
                </display>
                <previousColumn>firstNameColumn</previousColumn>
            </column>
            <column>
                <name>emailInMpColumn</name>
                <display>
                    <label>Email in mP</label>
                </display>
                <previousColumn>lastNameColumn</previousColumn>
                <export>
                    <expression>
                        <script>
                            <code>
                           import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
                           import com.evolveum.midpoint.prism.path.ItemPath;
                           import org.apache.commons.lang3.StringUtils;

                           user = midpoint.searchShadowOwner(object.getOid());
                           return user.asObjectable().getEmailAddress();
                        </code>
                        </script>
                    </expression>
                </export>
            </column>
            <type>ShadowType</type>
        </view>
        <condition>
            <script>
                <code>
                   import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
                   import com.evolveum.midpoint.prism.path.ItemPath;
                   import org.apache.commons.lang3.StringUtils;

                  shadowAttributes = object.getAttributes().asPrismContainerValue()
                  login = shadowAttributes.findProperty(ItemPath.create("login")).getRealValue();
                  user = midpoint.searchShadowOwner(object.getOid());
                  System.out.println("LOGIN: " + login)
                  System.out.println("USER: " + user)
                  if (user != null && user.asObjectable() != null) {
                     email = user.asObjectable().getEmailAddress();
                     if (StringUtils.isEmpty(email)) {
                        return true;
                     }
                     firstName = shadowAttributes.findProperty(ItemPath.create("firstname"));
                     lastName = shadowAttributes.findProperty(ItemPath.create("lastname"));
                     if (firstName == null && lastName == null) {
                        return false;
                     }

                     prefix = "";
                     if (firstName != null && firstName.getRealValue() != null) {
                        prefix = firstName.getRealValue().toLowerCase().replace(" ", ".");
                     }

                     if (lastName != null && lastName.getRealValue() != null) {
                        if (StringUtils.isNotEmpty(prefix)) {
                           prefix = prefix + "."
                        }
                        prefix = prefix + lastName.getRealValue().toLowerCase().replace(" ", ".");
                     }

                     if (StringUtils.isEmpty(prefix)) {
                        return true;
                     }

                     if (!prefix.equals(email.substring(0,email.indexOf("@")))) {
                        return true;
                     }

                  }
                  return false;
              </code>
            </script>
        </condition>
        <useOnlyReportView>true</useOnlyReportView>
    </objectCollection>
</report>