... | ... | @@ -24,6 +24,40 @@ To manage rules, navigate to `Rules -> List rules`. Add a rule by selecting `Add |
|
|
* `Rule type`: For the type, use one of the following values: At the moment only tested value is `DRL`
|
|
|
* `Rule`: Here you can edit the rule itself.
|
|
|
|
|
|
#### Rule examples
|
|
|
|
|
|
An example for a rule, which checks for the presence of an e-mail address:
|
|
|
|
|
|
```
|
|
|
package edu.kit.scc.webreg.drools
|
|
|
|
|
|
import edu.kit.scc.webreg.entity.SamlUserEntity;
|
|
|
import edu.kit.scc.webreg.drools.UnauthorizedUser;
|
|
|
|
|
|
global org.slf4j.Logger logger;
|
|
|
|
|
|
rule "IDP is one of two specific entity id"
|
|
|
|
|
|
when
|
|
|
$user : SamlUserEntity( idp.entityId != "<entity-id-1>" &&
|
|
|
idp.entityId != "<entity-id-2>" )
|
|
|
then
|
|
|
logger.info( "IDP for user {} is wrong", $user.getIdp().getEntityId() );
|
|
|
insert( new UnauthorizedUser($user, "kit-only") );
|
|
|
|
|
|
end
|
|
|
|
|
|
rule "Email is set"
|
|
|
|
|
|
when
|
|
|
$user : SamlUserEntity( email == null )
|
|
|
then
|
|
|
logger.info( "E-Mail for user {} is not set", $user.getEppn() );
|
|
|
insert( new UnauthorizedUser($user, "e-mail-missing") );
|
|
|
|
|
|
end
|
|
|
```
|
|
|
|
|
|
### Tools
|
|
|
|
|
|
In the `List rules` section, you can use a regular expressions to search and replace on all rules. An usage example for this function is the upgrade from an older version to 2.6.1. The UserEntity object was renamed to SamlUserEntity in this release. With search and replace, you can edit all occurrences in all rules at once. Please beware that rules are not automatically versioned, so it is best to backup the reg-app database before doing this.
|
... | ... | |