Jos Groot Lipman
@@ -1081,10 +1081,10 @@ api2 = {
|
||||
var oRs = Oracle.Execute(sql, params.errmsg);
|
||||
if (params.errmsg && oRs.friendlyMsg)
|
||||
{
|
||||
var record = {};
|
||||
record[model.list.columns[0]] = oRs.friendlyMsg;
|
||||
data.push(record);
|
||||
return data;
|
||||
var record = {};
|
||||
record[model.list.columns[0]] = oRs.friendlyMsg;
|
||||
data.push(record);
|
||||
return data;
|
||||
}
|
||||
|
||||
var lastkey = 0;
|
||||
@@ -1220,6 +1220,7 @@ api2 = {
|
||||
}
|
||||
oRs.MoveNext();
|
||||
}
|
||||
oRs.Close();
|
||||
if (lastkey && data.length < limit)
|
||||
{
|
||||
total_count ++;
|
||||
|
||||
@@ -55,7 +55,7 @@ var api2_mapper = {
|
||||
"emailsettings" : { "filename": "appl/mgt/fac_email_setting.asp" },
|
||||
"exportfunctions" : { "filename": "appl/mgt/fac_export_app.asp" },
|
||||
"authorizationfunctions" : { "filename": "appl/mgt/fac_functie.asp" },
|
||||
"authorizationgroups" : { "filename": "appl/mgt/fac_groep.asp" },
|
||||
"authorizationgroups" : { "filename": "appl/api2/api_authorizationgroups.asp" },
|
||||
"authorizations" : { "filename": "appl/mgt/fac_groeprechten.asp", "nodoc": true },
|
||||
"identityproviders" : { "filename": "appl/mgt/aut_idp.asp" },
|
||||
"importfunctions" : { "filename": "appl/mgt/fac_import_app.asp" },
|
||||
|
||||
@@ -149,7 +149,7 @@ api2_rest = {
|
||||
Response.Status = "405 Method not allowed";
|
||||
Response.End;
|
||||
}
|
||||
if (!("REST_" + method in model))
|
||||
if (!("REST_" + method in model) || !model["REST_" + method])
|
||||
{
|
||||
Response.Status = "501 Not Implemented";
|
||||
// TODO The response MUST include an Allow header containing a list of valid methods for the requested resource.
|
||||
|
||||
26
APPL/API2/api_authorizationgroups.asp
Normal file
26
APPL/API2/api_authorizationgroups.asp
Normal file
@@ -0,0 +1,26 @@
|
||||
<%@ language = "JavaScript" %>
|
||||
<% /*
|
||||
$Revision$
|
||||
$Id$
|
||||
|
||||
File: api_authorizationgroups.asp
|
||||
|
||||
Description: ALG_GEBOUW API
|
||||
Parameters:
|
||||
Context: Door een remote systeem (geen persoon) om info uit FACILITOR te halen aan te roepen
|
||||
|
||||
Notes: Eigen bestand zodat we internal: true kunnen meegeven
|
||||
*/
|
||||
DOCTYPE_Disable = true;
|
||||
ANONYMOUS_Allowed = 1; // Eigenlijk niet waar. We regelen echter alles zelf
|
||||
THIS_FILE = "appl/api/api_authorizationgroups.asp";
|
||||
|
||||
%>
|
||||
<!-- #include file="../Shared/common.inc" -->
|
||||
<!-- #include file="./api2_rest.inc" -->
|
||||
<!-- #include file="../Shared/json2.js" -->
|
||||
<!-- #include file="./model_fac_groep.inc" -->
|
||||
<%
|
||||
var groep = new model_fac_groep(null, { internal: true }); // internal zodat PUT/POST/DELETE ook kunnen
|
||||
api2_rest.process(groep);
|
||||
%>
|
||||
@@ -57,6 +57,11 @@ function model_fac_groep(groep_key, params)
|
||||
"label": L("lcl_prs_substitutes"),
|
||||
"typ": "check0"
|
||||
},
|
||||
"externalid": {
|
||||
"dbs": "fac_groep_externid",
|
||||
"label": L("fac_groep_externid"),
|
||||
"typ": "varchar"
|
||||
},
|
||||
"membercount": {
|
||||
"dbs": "nn_leden",
|
||||
"sql": "(SELECT COUNT(*) FROM fac_gebruikersgroep WHERE fac_groep.fac_groep_key = fac_gebruikersgroep.fac_groep_key)",
|
||||
|
||||
@@ -158,6 +158,11 @@ function model_prs_perslid(params)
|
||||
"typ": "datetime",
|
||||
"readonly": true
|
||||
},
|
||||
"deactivated": {
|
||||
"dbs": "prs_perslid_inactief",
|
||||
"label": L("prs_perslid_inactief"),
|
||||
"typ": "datetime"
|
||||
},
|
||||
"function": {
|
||||
"dbs": "prs_srtperslid_key",
|
||||
"label": L("lcl_prs_person_function"),
|
||||
|
||||
157
APPL/API2/plugins/scimgroups.wsc
Normal file
157
APPL/API2/plugins/scimgroups.wsc
Normal file
@@ -0,0 +1,157 @@
|
||||
<?xml version="1.0"?>
|
||||
<component>
|
||||
<?component error="true" debug="true"?>
|
||||
<registration
|
||||
description="scimgroups"
|
||||
progid="flexwhere.WSC"
|
||||
version="1.00"
|
||||
classid="{6D817B6F-9D08-4636-AAD9-8BD7C5EFF56A}"
|
||||
>
|
||||
</registration>
|
||||
|
||||
<public>
|
||||
|
||||
<!-- properties -->
|
||||
|
||||
<!-- methods -->
|
||||
<method name="initialize">
|
||||
<PARAMETER name="params"/>
|
||||
</method>
|
||||
<method name="transform_filter">
|
||||
<PARAMETER name="filter"/>
|
||||
</method>
|
||||
<method name="transform_outgoing">
|
||||
<PARAMETER name="params"/>
|
||||
<PARAMETER name="data"/>
|
||||
</method>
|
||||
<method name="transform_incoming">
|
||||
<PARAMETER name="params"/>
|
||||
<PARAMETER name="data"/>
|
||||
</method>
|
||||
<method name="get_eTag">
|
||||
<PARAMETER name="params"/>
|
||||
<PARAMETER name="data"/>
|
||||
</method>
|
||||
</public>
|
||||
|
||||
<script language="javascript">
|
||||
<![CDATA[
|
||||
|
||||
/* properties */
|
||||
|
||||
|
||||
/* methods */
|
||||
/*
|
||||
/*
|
||||
$Id$
|
||||
|
||||
File: scimgroups.wsc
|
||||
*/
|
||||
/* Globals */
|
||||
var FCLT;
|
||||
|
||||
// De omschrijving van de objecten in FACILITOR moet FW1, FW2 etc. zijn
|
||||
var scimgroups_srtdeel_key = 258418;
|
||||
|
||||
function initialize(params)
|
||||
{
|
||||
FCLT = params;
|
||||
}
|
||||
|
||||
function transform_filter(filter)
|
||||
{
|
||||
if ("count" in filter)
|
||||
filter.limit = filter.count;
|
||||
return filter;
|
||||
}
|
||||
|
||||
function get_eTag(params, data)
|
||||
{
|
||||
if (data && typeof data == "object" && "meta" in data)
|
||||
return data.meta.version;
|
||||
return null;
|
||||
}
|
||||
|
||||
function transform_incoming(params, data)
|
||||
{
|
||||
//FCLT.DEZE.__DoLog(data);
|
||||
var authorizationgroup =
|
||||
{
|
||||
name : data["displayName"],
|
||||
externalid : data["externalId"]
|
||||
};
|
||||
// TODO: Users negeren we nog
|
||||
|
||||
//FCLT.DEZE.__DoLog(authorizationgroup);
|
||||
|
||||
return { authorizationgroup: authorizationgroup };
|
||||
}
|
||||
|
||||
function transform_one_group(params, authorizationgroup)
|
||||
{
|
||||
FCLT.DEZE.__Log(authorizationgroup);
|
||||
var unique = FCLT.DEZE.customerId + "_authorizationgroup_" + String(authorizationgroup.id);
|
||||
var onegroup = {
|
||||
"displayName":authorizationgroup.name,
|
||||
"externalId":authorizationgroup.externalid,
|
||||
"id":unique,
|
||||
"schemas":[
|
||||
"urn:ietf:params:scim:schemas:core:2.0:Group",
|
||||
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:Group"
|
||||
],
|
||||
"meta":{
|
||||
"created":authorizationgroup.created,
|
||||
"lastModified":authorizationgroup.lastchange,
|
||||
"location":FCLT.DEZE.HTTP.urlzelf() + "/appl/SCIM/Groups/" + unique,
|
||||
"resourceType":"Group"
|
||||
}
|
||||
}
|
||||
var allgroups = [];
|
||||
if (0)
|
||||
for (var j = 0; j < authorizationgroup.authorization.length; j++)
|
||||
{
|
||||
var group = authorizationgroup.authorization[j];
|
||||
var unique = FCLT.DEZE.customerId + "_authorization_" + String(group.authorizationgroup.id);
|
||||
onegroup.groups.push({
|
||||
"value":unique,
|
||||
"$ref":FCLT.DEZE.HTTP.urlzelf() + "/appl/SCIM/Groups/" + unique,
|
||||
"display":group.authorizationgroup.name
|
||||
})
|
||||
}
|
||||
var oCrypto = new ActiveXObject("SLNKDWF.Crypto");
|
||||
var eTag = '"' + oCrypto.hex_sha1(FCLT.DEZE.JSON.stringify(onegroup)).toLowerCase() + '"';
|
||||
onegroup.meta["version"] = "W/" + eTag; // Weak eTag?
|
||||
return onegroup;
|
||||
}
|
||||
|
||||
function transform_outgoing(params, data)
|
||||
{
|
||||
if ("authorizationgroup" in data)
|
||||
{
|
||||
var oneauthorizationgroup = transform_one_group(params, data.authorizationgroup);
|
||||
return oneauthorizationgroup;
|
||||
}
|
||||
if ("authorizationgroups" in data)
|
||||
{
|
||||
var allgroups = [];
|
||||
for (var i = 0; i < data.authorizationgroups.length; i++)
|
||||
{
|
||||
if (params.limit && allgroups.length > params.limit)
|
||||
break;
|
||||
var authorizationgroup = data.authorizationgroups[i];
|
||||
allgroups.push(transform_one_group(params, authorizationgroup));
|
||||
}
|
||||
|
||||
return {
|
||||
"totalResults": allgroups.length,
|
||||
"itemsPerPage": 10,
|
||||
"startIndex": 1,
|
||||
"schemas": ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
|
||||
"Resources": allgroups
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
]]>
|
||||
</script>
|
||||
</component>
|
||||
@@ -84,9 +84,10 @@ function transform_incoming(params, data)
|
||||
externalid : data["externalId"],
|
||||
name : data["name"]["displayName"],
|
||||
lastname : data["name"]["familyName"],
|
||||
firstname : data["name"]["givenName"]
|
||||
firstname : data["name"]["givenName"],
|
||||
deactivated : data["active"]?null:new Date()
|
||||
};
|
||||
person["function"] = { name: data["userType"] } // id mag achterwege blijven omdat desc_is_unique
|
||||
person["function"] = { name: data["title"] } // id mag achterwege blijven omdat desc_is_unique
|
||||
|
||||
if (data["emails"].length)
|
||||
{
|
||||
@@ -94,9 +95,9 @@ function transform_incoming(params, data)
|
||||
}
|
||||
if (data["phoneNumbers"].length)
|
||||
{
|
||||
person.phone = data["phoneNumbers"][0].value; // type:work/primary:true opzoeken ?
|
||||
person.mobile = data["phoneNumbers"][0].value; // type:mobile/primary:true opzoeken ?
|
||||
}
|
||||
// groepen negeren we nog
|
||||
// TODO groepen negeren we nog
|
||||
|
||||
//FCLT.DEZE.__DoLog(person);
|
||||
|
||||
@@ -121,13 +122,14 @@ function transform_one_person(params, person)
|
||||
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
|
||||
],
|
||||
"displayName":person.name,
|
||||
"active": !person.deactivated,
|
||||
"meta":{
|
||||
"created":person.created,
|
||||
"lastModified":person.lastchange,
|
||||
"location":FCLT.DEZE.HTTP.urlzelf() + "/appl/SCIM/Users/" + unique,
|
||||
"resourceType":"User"
|
||||
},
|
||||
"userType":person["function"].name,
|
||||
"Title":person["function"].name,
|
||||
"emails":[
|
||||
{
|
||||
"value":person.email,
|
||||
@@ -137,8 +139,8 @@ function transform_one_person(params, person)
|
||||
],
|
||||
"phoneNumbers":[
|
||||
{
|
||||
"value":person.phone,
|
||||
"type":"work",
|
||||
"value":person.mobile,
|
||||
"type":"mobile",
|
||||
"primary":true
|
||||
}
|
||||
],
|
||||
@@ -148,7 +150,7 @@ function transform_one_person(params, person)
|
||||
for (var j = 0; j < person.authorization.length; j++)
|
||||
{
|
||||
var group = person.authorization[j];
|
||||
var unique = FCLT.DEZE.customerId + "_authorization_" + String(group.authorizationgroup.id);
|
||||
var unique = FCLT.DEZE.customerId + "_authorizationgroup_" + String(group.authorizationgroup.id);
|
||||
oneuser.groups.push({
|
||||
"value":unique,
|
||||
"$ref":FCLT.DEZE.HTTP.urlzelf() + "/appl/SCIM/Groups/" + unique,
|
||||
|
||||
@@ -28,6 +28,7 @@ function doLogin(prs_key, params)
|
||||
+ " , prs_perslid_einddatum"
|
||||
+ " FROM prs_perslid"
|
||||
+ " WHERE prs_perslid_verwijder IS NULL"
|
||||
+ " AND prs_perslid_inactief IS NULL"
|
||||
+ " AND prs_perslid_key = " + prs_key;
|
||||
var oRs = Oracle.Execute(sql);
|
||||
if (oRs.Eof)
|
||||
@@ -635,6 +636,7 @@ function getIdentity(username, wachtwoord, params)
|
||||
+ " , prs_perslid_apikey"
|
||||
+ " FROM prs_perslid"
|
||||
+ " WHERE prs_perslid_verwijder IS NULL"
|
||||
+ " AND prs_perslid_inactief IS NULL"
|
||||
+ " AND (" + logins.join(" OR ") + ")"
|
||||
+ " AND BITAND(prs_perslid_flags, " + block_flags + ") = 0";
|
||||
|
||||
|
||||
@@ -53,6 +53,16 @@
|
||||
<match url="^appl/SCIM/Users" />
|
||||
<action type="Rewrite" url="default.asp?api2=persons&format=json&plugin=scimusers&include=lastchange,authorization" appendQueryString="true" />
|
||||
</rule>
|
||||
|
||||
<rule name="SCIMGroup" stopProcessing="true">
|
||||
<match url="^appl/SCIM/Groups/.*_authorizationgroup_(\d+)" />
|
||||
<action type="Rewrite" url="default.asp?api2=authorizationgroups&id={R:1}&format=json&plugin=scimgroups&include=lastchange,authorization" appendQueryString="true" />
|
||||
</rule>
|
||||
|
||||
<rule name="SCIMGroups" stopProcessing="true">
|
||||
<match url="^appl/SCIM/Groups" />
|
||||
<action type="Rewrite" url="default.asp?api2=authorizationgroups&format=json&plugin=scimgroups&include=lastchange,authorization" appendQueryString="true" />
|
||||
</rule>
|
||||
<!--
|
||||
<rule name="Check file exists">
|
||||
<match url="^([^.]+)\.([a-zA-Z]+)" />
|
||||
|
||||
Reference in New Issue
Block a user