The Canopy™ Portal Provider writes to the Forefront Identity Manager (FIM) or Microsoft Identity Manager (MIM) Portal via the SOAP web service. In addition to being able to create and modify data for test cases, the Portal provider has built-in XPath reference resolution capabilities that make it well suited to deploying portal configuration.
The Portal provider supports the following fixture and assertion types:
- Add – creates a new object
- Delete – removes one or more objects
- Update – updates one or more objects
- Approval – approves or rejects a request
- Assertion – Tests for existence, non-existence, and attribute values of an object
Additional Functionality
The Portal provider includes the following extended capability:
Schema Scan – object types and attribute names are collected by the schema scan. These enable dropdown lists in the user interface to simplify fixture and assertion creation.
Value Handling
[{{ }}] value – If an entire value is enclosed in square braces, then double-curly braces can be used anywhere inside it to denote sections that should be replaced with rule handling. If the value inside the curly braces is an XPath filter, it will be replaced with the uuid:urn resource ID of the object matching the filter. This allows references to be easily expressed as filters.
The value handling expression may be used to replace environment specific values, e.g. in Workflow XML.
Rule Functions
FileText(fileName) – Returns the text contents of a file, useful for loading email template, RCDC, and workflow XML content
PortalTime(date) – Formats a datetime instance suitably for the portal API
ServerEnv(name) – Looks up the value of an environment variable on the current server
PortalResolve(query, system) – Accepts and XPath filter and returns the associated resource iD
Connection Settings
- Connection String – The primary connection parameter of an Portal provider is the web service connection string (e.g. http://localhost:5725/).
- Credential – Optional credentials may be specified. If using a custom credential the Password Storage license key is required
- Service Identity – The UPN of the FIMService service account
Portal Add
The Portal Add fixture creates a new portal object. If the object already exists it switches to an update.
- Search Filter – A mandatory XPath filter for determine if the object already exists. If no object is found matching the filter a new one will be created
- Object Type – The kind of object to create
- Display Name – Value for the object's display name field. If an empty display name is desired use [null] or [""]
- Description – Optional object description
- Approval Expected – If true, the fixture will fail unless it triggers an authorization workflow
- Failure Expected – Used for negative testing, can indicate that the fixture is expected to receive an error code from the API
- Attributes – Single-value attributes to populate
- Multivalue Attributes – Multi-valued attributes to populate. Reference attributes may be populated either by using the ResolveDN function, or more simply by enclosing an XPath filter in square braces, e.g. [/Person[DisplayName='Administrator']]
- Credential – Optional user context to execute the fixture under
Portal Update
The Portal Update fixture has virtually the same attributes and functionality as the add fixture. The only difference is the omission of the Object Type, Display Name, and Description fields (Display Name and Description may still be edited as regular attributes though).
The Update fixture may affect multiple objects if the search filter matches more than one. There are performance considerations with very large enumerations though, so if more than a few tens of objects must be updated, it is preferable to iterate a list with a Load fixture.
Portal Delete
The Portal Delete fixture removes all objects matching the Search Filter property.
Portal Approval
The Portal Approval fixture may be used to approve or reject a request. Unlike most fixtures the approval fixture will almost always have the optional credential specified, since approvals are usually targeted to specific user or group of users.
The Search Filter parameter should identify the approval object in need of response. For example: [$"/Approval[Approver=/Person[AccountName='{Memo("approver")}'] and Requestor=/Person[AccountName='{Memo("requestor")}']]"]
Portal Assertion
The Portal assertion checks for existence and attribute state of portal objects.
- Search Filter – Identifies the object(s) to be asserted against. If multiple objects are returned only the first one will be used fro value assertions
- Not Exists – Inverts the assertion to validate for non-existence of an object matching the filter
- Attributes – Assertion against single-value attributes
- MultiAttributes – Assertions against multi-value attributes
This document was audited: April 20, 2018
Comments
0 comments
Please sign in to leave a comment.