Add conditional options to AttributeAdd authproc #2559
Conversation
|
Thanks Nathan! I feel like this use-case is so specific that it should probably go into a custom authproc-filter. |
Yeah, that was my inital thoughts too. My original design was this: 'authproc' => [
50 => [
'class' => 'core:AttributeConditionalAdd',
'conditions' => [
'attrExists' => [
'eduPersonAffiliation',
],
'attrExistsRegex' => [
'/^person.*$/',
],
'attrValueIs' => [
'departmentName' => 'Physics',
],
'attrValueIsRegex' => [
'employeeType' => '/^staff$/',
],
],
'attributes' => [
'isInternal' => ['true'],
],
],
],But the base case is just: 'authproc' => [
50 => [
'class' => 'core:AttributeConditionalAdd',
'conditions' => [], // empty array should be default, so we shouldn't need to specify it
'attributes' => [
'attributeToAdd' => ['true'],
],
],
],Which is just I'm happy to submit a PR for Another thing I considered doing was just using Thanks Tim. I appreciate the feedback. |
|
I'm curious what this looks like with the existing |
Honestly, I haven't tried. The use of |
tvdijen
force-pushed
the
simplesamlphp-2.5
branch
2 times, most recently
from
4c158e2 to
8e1da16
Compare
tvdijen
force-pushed
the
simplesamlphp-2.5
branch
from
4874a87 to
4398438
Compare
3 participants
I have a use case where we have a number of dynamic attributes that follow a particular pattern, and if any of them exist, I need to add an attribute.
As a concrete example, if any of
customerTypeA,customerTypeB,customerTypeC, ... exists, then setisCustomer= ['true'].With this PR, this can easily be done with:
I added both the string and regular expression options, as not every user will understand regular expressions, yet it's the only sensible way to support a dynamic list of attributes (such as my use case).
Fully backward compatible as usual. If neither options are specified then it will add the attribute, as per existing functionality. PHPUnit tests and documentation updated too.