{
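{{/*
  User entry: emits one "user" object, one PID identity keyed by the entry key,
  one e-mail identity per mail value, and an "identifier" relation from the user
  to each of those identities.

  Every directory-supplied value is written with marshal rather than pasted
  between hand-written quotes. LDAP values may contain a double quote or a
  backslash (an escaped comma inside a DN, for example); pasted raw, such a
  value either breaks the document or adds fields to it. marshal is the helper
  this template already uses for attribute values; it is assumed to return a
  complete JSON value, quotes included, for a string -- confirm against the
  function map.
*/}}
{{ if eq $.EntryType "user" }}
"objects": [
  {
    "id": {{ marshal $.Key }},
    "type": "user",
    {{ if $.Attributes.cn }}
    "displayName": {{ marshal (index .Attributes.cn 0) }},
    {{ end }}
    "properties": {
      {{ fromEnv "connection_id" "ASERTO_CONNECTION_ID" }}
      {{/* NOTE(review): every attribute on the entry is copied into properties.
           Limit the attributes requested from the directory so that secrets
           such as userPassword are never loaded. */}}
      {{ range $key, $value := $.Attributes }}
      ,{{ marshal $key }}: {{ marshal $value }}
      {{ end }}
    }
  },
  {
    "id": {{ marshal $.Key }},
    "type": "identity",
    "properties": {
      "verified": true,
      "provider": "ldap",
      {{ fromEnv "connection_id" "ASERTO_CONNECTION_ID" }},
      "kind": "IDENTITY_KIND_PID"
    }
  }
  {{/* One e-mail identity per mail value.
       NOTE(review): each address is recorded as verified. If users can edit
       their own mail attribute in the directory, they can claim an address
       that belongs to someone else -- confirm the attribute is admin-controlled. */}}
  {{ if $.Attributes.mail }}
  {{ range $email := $.Attributes.mail }}
  ,{
    "id": {{ marshal $email }},
    "type": "identity",
    "properties": {
      "verified": true,
      "provider": "ldap",
      {{ fromEnv "connection_id" "ASERTO_CONNECTION_ID" }},
      "kind": "IDENTITY_KIND_EMAIL"
    }
  }
  {{ end }}
  {{ end }}
],
"relations": [
  {
    "object_type": "user",
    "object_id": {{ marshal $.Key }},
    "relation": "identifier",
    "subject_type": "identity",
    "subject_id": {{ marshal $.Key }}
  }
  {{/* One identifier relation per mail value, matching the e-mail identities above. */}}
  {{ if $.Attributes.mail }}
  {{ range $email := $.Attributes.mail }}
  ,{
    "object_type": "user",
    "object_id": {{ marshal $.Key }},
    "relation": "identifier",
    "subject_type": "identity",
    "subject_id": {{ marshal $email }}
  }
  {{ end }}
  {{ end }}
]
{{ end }}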
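{{/*
  Group entry: emits one "group" object and a "member" relation for every
  memberUser (subject is a user) and every memberGroup (subject is a group,
  with subject_relation "member").

  Every directory-supplied value is written with marshal rather than pasted
  between hand-written quotes. Member values and keys may contain a double
  quote or a backslash (an escaped comma inside a DN, for example); pasted raw,
  such a value either breaks the document or adds fields to it. marshal is the
  helper this template already uses for attribute values; it is assumed to
  return a complete JSON value, quotes included, for a string -- confirm
  against the function map.
*/}}
{{ if eq $.EntryType "group" }}
"objects": [
  {
    "id": {{ marshal $.Key }},
    "type": "group",
    {{ if $.Attributes.cn }}
    "displayName": {{ marshal (index .Attributes.cn 0) }},
    {{ end }}
    "properties": {
      {{ fromEnv "connection_id" "ASERTO_CONNECTION_ID" }}
      {{/* Every attribute on the entry is copied into properties. */}}
      {{ range $key, $value := $.Attributes }}
      ,{{ marshal $key }}: {{ marshal $value }}
      {{ end }}
    }
  }
],
"relations": [
  {{ if $.Attributes.memberUser }}
  {{ range $i, $member := $.Attributes.memberUser }}
  {{/* $i is 0 for the first element, so the comma is written only between elements. */}}
  {{ if $i }},{{ end }}
  {
    "object_type": "group",
    "object_id": {{ marshal $.Key }},
    "relation": "member",
    "subject_type": "user",
    "subject_id": {{ marshal $member }}
  }
  {{ end }}
  {{ end }}
  {{/* Separator between the two lists, needed only when both are non-empty. */}}
  {{ if and $.Attributes.memberUser $.Attributes.memberGroup }}
  ,
  {{ end }}
  {{ if $.Attributes.memberGroup }}
  {{ range $i, $member := $.Attributes.memberGroup }}
  {{ if $i }},{{ end }}
  {
    "object_type": "group",
    "object_id": {{ marshal $.Key }},
    "relation": "member",
    "subject_type": "group",
    "subject_id": {{ marshal $member }},
    "subject_relation": "member"
  }
  {{ end }}
  {{ end }}
]
{{ end }}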
}