Using LDAP in Script Field Processor

- 1.1 How it works
- 1.2 Available LDAP helper methods
- 1.3 Example
- 1.4 Screenshot
- 1.5 Full access to multiple-result attributes
  - 1.5.1 Example Script
  - 1.5.2 Console output
  - 1.5.3 Edit time screenshot
2 Searching for a single user
- 2.1 Get all user attributes:
  - 2.1.1 Execution result:
- 2.2 Get specific user attributes:
  - 2.2.1 Execution result:

Since JEMH 3.3.46

Its now possible to query LDAP from within the Script Field Processor (as well as in the Custom Field Default) through the jemhUtils helper class:

How it works

In order to use LDAP you will need to have LDAP setup /selected within the profile, meaning alternateID → ldap, create from → ldap, even if ‘user creation’ is not enabled (UI limitation) talk to us if you need something else!

By default, just calling jemhUtils.getLdap() will provide an LDAP helper class initialized with the first selected ldap config in the profile, if there are more than one configs selected, a report message will be added in the LDAP section to point this out.

Available LDAP helper methods

public IJEMHUser getUserDetails(String ldapUsername)
public IJEMHUser getUserDetailsByEmailAddress(String emailAddress)
public List<IJEMHUser> searchWildcarded(String partialLdapFilter)
public Map<String, List<Object>> getAllUserAttributes(String fullLdapFilter);
public Map<String, List<Object>> getLimitedUserAttributes(String fullLdapFilter, String[] requiredReturnAtts);
public Map<String, Map<String, List<Object>>> search(String fullLdapFilter, String[] requiredReturnAtts, int maxResults);

Spec of LDAPUser

public String getUserId();
public void setUserId(String userId);
public String getFullName();
public String getEmail();
public void setEmail(String email);
public String getFirstName();
public void setFirstName(String firstName);
public String getLastName();
public void setLastName(String lastName);
public JemhUserNameFormat getFullNameFormat();
public void setFullNameFormat(JemhUserNameFormat fullNameFormat);
public String[] getProxyAddresses();
public void setProxyAddresses(String[] proxyAddresses);
public void setDisplayName(String value);
public String getDisplayName();
public boolean isUserEnabled();
public void setUserEnabled(boolean isEnabled);
public ApplicationUser getJiraUser();
void setObjectClasses(String[] split);
public String[] getObjectClasses();
public void setPreferredUserDirectoryForCreate(Long preferredUserDirectoryForCreate);
public Long getPreferredUserDirectoryForCreate();

Example

var ldap=jemhUtils.getLdap();
print('ldap = '+ldap.getClass().getName());
var username='andy';
var ldapUser = ldap.getUserDetails(username);
if (ldapUser != "null") {
    print('user record for andy: '+ldapUser.getEmail());
} else {
    print('no user found: '+username);
}

Screenshot

Here we show the above script, along with a related Test Case being dynamically evaluated:

Full access to multiple-result attributes

Example Script

Console output

Edit time screenshot

Searching for a single user

Results:

Get all user attributes:

If the user filter finds many users, only the first is returned - i.e., if you search by email, be sure there is only ONE user in the directory with that “mail” attribute value!