filtering on multi-valued attributes
James Bardin
jbardin at bu.edu
Tue Sep 27 15:38:40 BST 2011
On Tue, Sep 27, 2011 at 10:26 AM, Chad La Joie <lajoie at itumi.biz> wrote:
> On Sep 27, 2011, at 10:20 AM, James Bardin wrote:
>
>> Hello,
>>
>> Is it possible to release an attribute based on matching a single
>> value from within multi-valued attribute?
>
> Yes
>
>> For example, I want to add "member" to eduPersonScopedAffiliation, but
>> that's only valid if:
>
> Filters never add anything so you can't do that.
Sorry, I meant I wanted to release it *if* one of the other values matches.
>
>> - First of all, the filter bails on the first unmatched value, and
>> doesn't get to evaluate further. This my main issue, as I'm unsure how
>> to iterate over all the values in one logical block.
>
> What filter?
My first inclination was to use something like this:
<AttributeRule attributeID="scopedMemberAffiliation">
<PermitValueRule xsi:type="basic:OR">
<basic:Rule xsi:type="basic:AttributeValueString"
attributeID="eduPersonAffiliation" value="staff"/>
<basic:Rule xsi:type="basic:AttributeValueString"
attributeID="eduPersonAffiliation" value="student"/>
<basic:Rule xsi:type="basic:AttributeValueString"
attributeID="eduPersonAffiliation" value="faculty"/>
</PermitValueRule>
</AttributeRule>
>
> The filter engine knows nothing about the encoded form of the attribute. If it's seeing the value "member" it's because it is in a value in the attribute you've specified.
Yeah, the cold meds are messing with my head, it isn't because of the
encoded form. I still don't understand though, why my permit-rule to
match eduPersonAffiliation, is failing with the value that's in
scopedMemberAffiliation.
-jim
More information about the users
mailing list