Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Attribute mapper for meeting-user from SAML #2674

Closed
rrenkert opened this issue Oct 14, 2024 · 0 comments · Fixed by #2722
Closed

Attribute mapper for meeting-user from SAML #2674

rrenkert opened this issue Oct 14, 2024 · 0 comments · Fixed by #2722
Assignees
@hjanott
Labels
feature Schrödinger projectname
Milestone
4.2

Comments

@rrenkert
Copy link
Member

rrenkert commented Oct 14, 2024
edited by hjanott
Loading

The current implementation for the saml attribute mapping only contains a mapping for user data and a simple static meeting mapper.
This should be completed with a conditional mapping for meeting_user attributes.

The following JSON contains an example for this mapping:

...,
"member_number": "member_number",
"meeting_mappers": [{
   "name": "Mapper-Name", //optional
   "external_id": "M2025", // required
   "allow_update": "false" // default: true, optional
   "conditions": [{ // and per item 
       "attribute": "membernumber", // is a key in saml data
       "condition": "1426\d{4,6}$" //regex
   }, { // "and" per item
       "attribute": "function",
       "condition": "board"
   }], //all conditions && and optional
   "mappings": {    
       "groups": [{ // optional, default "standard"
           "attribute": "membership", // has priority 
           "default": "admin, standard" // default as fallback if value is empty
       }],
       "structure_levels": [{
           "attribute": "ovname", // 
           "default": "struct1, struct2",
       }],
       "number": {"attribute": "mglnumber"}
       "comment": {
           "attribute": "idp_comment",
           "default": "Group set via SSO"},
       "vote_weight": {
           "attribute": "vote",
           "default":"1",
       },
       "present": {
           "attribute": "present_key",
           "default":"True",
       },
   }
}]

Field description:

Attribut Typ Value Komentar
name string text for identification
member_number string ExtID user field
allow_update bool true/false true: data will be overwritten
external_id string ExtID of meeting The main meeting mapping
attribute string saml-attribute Attribute from IdP that will be used. coma seperated List
condition string RegEx evaluates to true: the attributes will be used for the user; false: the mapper will be skipped
default string   coma seperated List
mappings the mappings for user attributes inside the meeting (meeting_user fields)
number attribute, string participant numer meeting_user field
groups attribute + default, string ExtIDs of groups in meeting meeting_user field
structure_level attribute + default, string structure levels meeting_user field, format analog to Groups
comment attribute + default, string internal comment meeting_user field
vote_weight attribute + default, float Stimmgewicht meeting_user field
present attribute + default, bool Anwesenheit meeting_user field

When multiple mappings match structure levels and groups are treated additively and number, vote_weight, comment and present are used from the last matching mapper.
@rrenkert rrenkert added this to the 4.2 milestone Oct 14, 2024
@hjanott hjanott self-assigned this Oct 15, 2024
@hjanott hjanott mentioned this issue Nov 8, 2024
Merged
@MSoeb MSoeb added the Schrödinger projectname label Nov 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hjanott hjanott

Labels
feature Schrödinger projectname
Projects
None yet
Milestone
4.2
Development

Successfully merging a pull request may close this issue.

new saml meeting mapping hjanott/openslides-backend
3 participants
@hjanott @rrenkert @MSoeb