Scripting Reference

Scripting Reference Scripting Scripting lets you customize how OpenIDM works in various ways, such as providing custom logic between source and target mappings, defining correlation rules, filters, and triggers.

Configuration You define scripts using script objects, which can either include the code directly in the configuration, or call an external file containing the script. { "type" : "text/javascript", "source": string } or { "type" : "text/javascript", "file" : file location } type string, required Specifies the type of script to be executed. Currently, OpenIDM supports only "text/javascript". source string, required if file is not specified Specifies the source code of the script to be executed. file string, required if source is not specified Specifies the file containing the source code of the script to execute.

Examples The following example returns true if the employeeType is equal to external, otherwise returns false. This script can be useful during reconciliation to establish whether the source object should be a part of the reconciliation, or ignored. "validTarget": { "type" : "text/javascript", "source": "object.employeeType == 'external'" } The following example sets the __PASSWORD__ attribute to defaultpwd when OpenIDM creates a target object. "onCreate" : { "type" : "text/javascript", "source": "target.__PASSWORD__ = 'defaultpwd'" } The following example shows a trigger to create Solaris home directories using a script. The script is located in a file, /path/to/openidm/script/createUnixHomeDir.js. { "filters" : [ { "pattern" : "^system/solaris/account$", "methods" : [ "create" ], "onResponse" : { "type" : "text/javascript", "file" : "script/createUnixHomeDir.js" } } ] }

Function Reference Objects Script access Scripting Functions Functions (access to managed objects, system objects, configuration objects) within OpenIDM are accessible to scripts via the openidm object, which is included in the top-level scope provided to each script.

openidm.create(id, value) This function creates a new resource object. Parameters id string The identifier of the object to be created. value object The value of the object to be created. Returns A null value if successful. Throws An exception is thrown if the object could not be created for any reason.

openidm.read(id) This function reads and returns an OpenIDM resource object. Parameters id string The identifier of the object to be read. Returns The read OpenIDM resource object, or null if not found.

openidm.update(id, rev, value) This function updates a resource object. Parameters id string The identifier of the resource object to be updated. rev string The revision of the object to be updated, or null if the object is not subject to revision control. value object The value of the object to be updated. Returns A null value if successful. Throws An exception is thrown if the object could not be updated for any reason.

openidm.delete(id, rev) This function deletes a resource object. Parameters id string The identifier of the object to be deleted. rev string The revision of the object to be deleted, or null if the object is not subject to revision control. Returns A null value if successful. Throws An exception is thrown if the object could not be deleted for any reason.

openidm.query(id, params) This function performs a query on the specified OpenIDM resource object. Parameters id string The identifier of the object to perform the query on. params object An object containing the parameters to pass to the query. Returns The result of the query. Throws An exception is thrown if the given query could not be processed for any reason.

openidm.action(id, params, value) This function performs an action on the specified OpenIDM resource object. Parameters id string The identifier of the object to perform the action on. params object An object containing the parameters to pass to the action. value object A value that can be provided to the action for processing. Returns The result of the action. May be null if no result is provided. Throws An exception is thrown if the given action could not be executed for any reason.

openidm.encrypt(value, cipher, alias) This function encrypts a value. Parameters value any The value to be encrypted. cipher string The cipher with which to encrypt the value, using the form "algorithm/mode/padding" or just "algorithm". Example: AES/ECB/PKCS5Padding. alias string The key alias in the key store with which to encrypt the node. Returns The value, encrypted with the specified cipher and key. Throws An exception is thrown if the object could not be encrypted for any reason.

openidm.decrypt(value) This function decrypts a value. Parameters value any The value to be decrypted. Returns A deep copy of the value, with any encrypted value decrypted. Throws An exception is thrown if the object could not be decrypted for any reason.

Places to Trigger Scripts Scripts can be triggered at different places, by different events. In openidm/conf/sync.json Triggered by situation onCreate, onUpdate, onDelete, onLink, onUnlink Object filter vaildSource, validTarget Correlating objects correlationQuery Triggered on any reconciliation result Scripts inside properties condition, transform In openidm/conf/managed.json onRetreive, onValidate In openidm/conf/router.json onRequest, onResponse

Debugging OpenIDM Scripts OpenIDM includes Eclipse JSDT libraries so you can use Eclipse to debug your OpenIDM scripts during development. To Enable Debugging Follow these steps to enable debugging using Eclipse. Install the environment to support JavaScript development in either of the following ways. Download and install Eclipse IDE for JavaScript Web Developers from the Eclipse download page. Add JavaScript Development Tools to your existing Eclipse installation. Create an empty JavaScript project called External JavaScript Source in Eclipse. Eclipse then uses the External JavaScript Source directory in the default workspace location to store sources that it downloads from OpenIDM. Stop OpenIDM. Edit openidm/conf/boot/boot.properties to enable debugging. Uncomment and edit the following line. #openidm.script.javascript.debug=transport=socket,suspend=y,address=9888,trace=true Here suspend=y prevents OpenIDM from starting until the remote JavaScript debugger has connected. You might therefore choose to set this to suspend=n. Uncomment and edit the following line. #openidm.script.javascript.sources=/Eclipse/workspace/External JavaScript Source/ Adjust /Eclipse/workspace/External JavaScript Source/ to match the absolute path to this folder including the trailing / character. On Windows, also use forward slashes, such as C:/Eclipse/workspace/External JavaScript Source/. Each time OpenIDM loads a new script, it then creates or overwrites the file in the External JavaScript Source directory. Before toggling breakpoints, be sure to refresh the source manually in Eclipse so you have the latest version. Start OpenIDM, and connect the debugger. To create a new debug, configuration click Run > Debug Configurations... > Remote JavaScript > New button, and then set the port to 9888 as shown above.