generate-value

Last modified 22 Apr 2021 17:31 +02:00

Since 3.6

This functionality is available since version 3.6.

Description

Generate new values for item or items specified in the request according to the value policy.

Input

Any object.

Output

Object with the generated values.

Properties

Property name	Meaning
items	Description of items to generate (see below).

Property name

Meaning

items

Description of items to generate (see below).

The description of items to be generated is the same as for the corresponding REST call (i.e. /{type}/{oid}/generate). It is PolicyItemsDefinitionType structure, consisting of PolicyItemDefinitionType elements, with the following structure:

Item	Meaning	Examples	Default
target	Path of the item whose value is to be generated.	credentials/password/value, employeeNumber	-
valuePolicyRef	Reference to the value policy to be used.	oid=00000000-0000-0000-0000-000000000003, type=ValuePolicyType	user or system-wide password policy
execute	"True" if the generated value should be stored into the repository or resource object.	true, false	false

Item

Meaning

Examples

Default

target

Path of the item whose value is to be generated.

credentials/password/value, employeeNumber

valuePolicyRef

Reference to the value policy to be used.

oid=00000000-0000-0000-0000-000000000003, type=ValuePolicyType

user or system-wide password policy

execute

"True" if the generated value should be stored into the repository or resource object.

true, false

false

Note that if the items parameter is not present, the default value is the following:

Default value for "items" parameter

<c:value xsi:type="api:PolicyItemsDefinitionType">
  <api:policyItemDefinition>
    <api:target>
      <api:path>credentials/password/value</api:path>
    </api:target>
  </api:policyItemDefinition>
</c:value>

Meaning that the item generated is the password value using user or system-wide password policy and not storing it into midPoint users.

Examples

Takes selected users, generates and stores passwords for them

<s:executeScript xmlns:s="http://midpoint.evolveum.com/xml/ns/public/model/scripting-3"
                 xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                 xmlns:api="http://midpoint.evolveum.com/xml/ns/public/common/api-types-3">
    <s:pipeline>
        <s:action>
            <s:type>resolve</s:type>        <!-- resolves references to real objects -->
        </s:action>
        <s:action>
            <s:type>generate-value</s:type>
            <s:parameter>
                <s:name>items</s:name>
                <c:value xsi:type="api:PolicyItemsDefinitionType">
                    <api:policyItemDefinition>
                        <api:target>
                            <api:path>credentials/password/value</api:path>
                        </api:target>
                        <api:execute>true</api:execute>
                    </api:policyItemDefinition>
                </c:value>
            </s:parameter>
        </s:action>
        <s:filterContent>
            <s:keep>name</s:keep>
            <s:keep>credentials/password/value</s:keep>     <!-- removes everything except OID, name and password -->
        </s:filterContent>
    </s:pipeline>
    <s:input>
        <s:value xsi:type="c:ObjectReferenceType" oid="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" type="UserType"/> <!-- invalid OID -->
        <s:value xsi:type="c:ObjectReferenceType" oid="c0c010c0-d34d-b33f-f00d-111111111116" type="UserType"/> <!-- guybrush -->
        <s:value xsi:type="c:ObjectReferenceType" oid="c0c010c0-d34d-b33f-f00d-11111111111e" type="UserType"/> <!-- elaine -->
    </s:input>
    <s:options>
        <s:continueOnAnyError>true</s:continueOnAnyError>
    </s:options>
</s:executeScript>

Was this page helpful?

YES NO

Thanks for your feedback