ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff * Copyright (c) 2014 ForgeRock AS. All rights reserved.
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff * The contents of this file are subject to the terms
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff * of the Common Development and Distribution License
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff * (the License). You may not use this file except in
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff * compliance with the License.
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff * You can obtain a copy of the License at
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff * See the License for the specific language governing
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff * permission and limitations under the License.
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff * When distributing Covered Code, include this CDDL
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff * Header Notice in each file and include the License file
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff * If applicable, add the following below the CDDL Header,
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff * with the fields enclosed by brackets [] replaced by
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff * your own identifying information:
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff * "Portions Copyrighted [year] [name of copyright owner]"
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff * Calculates the effective roles
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff/*global object */
c96652ffdb237d5167f5a00a771bf3e298bdbb22Chad Kienlelogger.debug("Invoked effectiveRoles script on property {}", propertyName);
9abe33608be5ecedc64fcc7727c885fd04ac5558Andi Egloff// Allow for configuration in virtual attribute config, but default
9abe33608be5ecedc64fcc7727c885fd04ac5558Andi Eglofflogger.trace("Configured rolesPropName: {}", rolesPropName);
212052124eb0e8d24d8629f8a69ffa0313153118Chad Kienleif (object[rolesPropName] === undefined && objectId !== undefined && objectId !== null) {
4c612d257b4ff240d2dc04785126f91a54a0c56cChad Kienle logger.trace("User's " + rolesPropName + " is not present so querying the roles", rolesPropName);
212052124eb0e8d24d8629f8a69ffa0313153118Chad Kienle var path = org.forgerock.json.resource.ResourcePath.valueOf("managed/user").child(objectId).child(rolesPropName);
cd3f2a1cb166204654a3737fc60fe199ecbb53deLaurent Bristiel response = openidm.query(path.toString(), {"_queryId": "find-relationships-for-resource"});
e7eb3ca682d7f080b1fb33cd54f56e880cdc9176Jason Vincentvar effectiveRoles = directRoles == null ? [] : directRoles;
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff// This is the location to expand to dynamic roles,
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff// project role script return values can then be added via
ad17b15404fe8bbc97c620669f32311567a9ab84Andi Egloff// effectiveRoles = effectiveRoles.concat(dynamicRolesArray);