In its current version, midPoint can easily handle user’s photos. In this blog post, we will show you how to put nice avatar photos of colleagues to JIRA through midPoint.
To do this, we need to configure the Scripted REST Connector in midPoint from samples, create new users in midPoint with photos, add projection to JIRA resource to copy the photos, and of course, the most important part is to have some nice looking colleagues and their photos 🙂
Before we can start configuring midPoint, here are some prerequisites:
- successfully install midPoint,
- successfully install JIRA,
- create accounts for the colleagues,
- enable remote API,
- create a technical account with needed permissions to use this API.
How to configure midPoint
Midpoint configuration can be done by following these steps:
- download scriptedrest-connector-1.1.1.e2.jar binary and put it to {midpoint.home}/icf-connectors directory,
- start tomcat (or restart if already started) to load the new connector,
- download prepared groovy scripts from GitHub samples, create “jira” subfolder and put it to {midpoint.home}/icf-connectors/jira,
- if your JIRA is using HTTPS, import your JIRA certificate to midPoint Keystore or edit TestScript.groovy and uncomment the line starting with “connection.ignoreSSLIssues()” to ignore certificate verification,
- open midpoint in an internet browser and log in,
- download sample resource.xml, in the left menu click on “Resources” / “Import resource definition” / “Choose File“, select downloaded resource.xml, open it and click “Import object“,
- in the menu click “Resources” / “List resources” / “JIRA avatar Scripted REST” and at the bottom of the page click the “Edit configuration” button, and change the following configuration properties:
- “Example Remote User Property” from “admin” to “oscar” (my technical account),
- in line “Example Password Property” click “Change” and set twice related password,
- “endPoint.display” is already preconfigured to Evolveum’s wiki (please change it to your JIRA),
- fill full path to your “Script filename” for “Test“, “Schema“, “Search“, “Create“, “Update” and “Delete” scripts, see below picture:
And at the end, click on the button “Save and test connection” and you will see these green messages:
Don’t worry about Creating or Deleting groovy scripts as these are not implemented yet to create or delete accounts in JIRA, only to handle the correct situations.
How to prepare a user in midPoint
To prepare colleagues in midPoint we do the following:
- log in to midPoint,
- in the left menu click “Users” / “New user“,
- fill in the mandatory field “name” with Username in JIRA (in my case “vera“),
- find the “Jpeg photo” property, click “Choose File” and select the avatar photo,
- at the bottom of the page click “Save“
You can open a created user to check it’s actual state by going to “Users” / “List users” and clicking on “vera” and you will see:
How to send photos from midPoint to JIRA
To send photos from midPoint to JIRA we click in the menu on “Users” / “List users” and click on “vera“. Click on the “Projections” tab, click on the left side of the page on the wheel and click “Add projection“:
Select “JIRA avatar Scripted REST” resource and click “Add“.
At the bottom of the page, click “Save“.
Now we can open JIRA and find the colleagues profile and voila, the avatar picture is here 🙂
In the same way, we can also send avatar pictures to other colleagues.
What happened in the background?
MidPoint started to run CreateScript.groovy, but the account already exists in JIRA and throws AlreadyExistsException. MidPoint caught this Exception and tried to find an existing account over SearchScript.groovy and the returned attributes are stored in the midPoint user (Full name in this case). MidPoint compared new data from JIRA, and found an already filled Jpeg photo, but in JIRA the avatar is empty. MidPoint called UpdateScript.groovy to put the image to JIRA.
But why we are using midPoint to upload colleagues photos to JIRA and not using the built-in feature with GUI?
Yes of course, in this simple use case will be easier to do it directly, but when we also configure resources to confluence wiki, to LDAP, Active Directory, Google Apps, Office 365 or any other system that already has identity connectors, you can only upload a photo once with the midPoint GUI, and after saving, the new photo is provisioned to all of these target systems.