Bug 49779 – make LDAP filter of appcenter IDM notifications (Push) configurable

Bug 49779 - make LDAP filter of appcenter IDM notifications (Push) configurable


Summary:	make LDAP filter of appcenter IDM notifications (Push) configurable

Status:	NEW

Product:	UCS
Classification:	Unclassified
Component:	App Center
Version:	UCS 4.4
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	App Center maintainers
QA Contact:	App Center maintainers

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2019-07-03 09:15 CEST by Daniel Tröder
Modified:	2020-06-03 09:49 CEST (History)
CC List:	5 users (show)

See Also:
What kind of report is it?:	Bug Report
What type of bug is this?:	2: Improvement: Would be a product improvement
Who will be affected by this bug?:	1: Will affect a very few installed domains
How will those affected feel about the bug?:	2: A Pain – users won’t like this once they notice it
User Pain:	0.023
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Daniel Tröder

2019-07-03 09:15:23 CEST

The LDAP filter of the listener module generated by the app center is either '(|(univentionObjectType=users/user))' or '(|(univentionObjectType=groups/group))'.

Create a field in the appcenter provider portal to set a custom LDAP filter.

It could be either an additional filter for a "user" or "group" filter → "&((univentionObjectType=users/user)(CUSTOM_FILTER))"
or it could be a completely custom filter allowing for listener modules for arbitrary LDAP objects.

Comment 2 Michel Smidt 2020-06-03 09:49:39 CEST

For various reasons (data privacy, data security and performance), it would be helpful if it were possible to apply a filter over the app center push notifications: http://docs.software-univention.de/app-provider-4.4.html#provisioning:push
e.g. via UCR variable
Especially in large installations, many changes (especially to users) occur automatically, which would not always have to be chased through all installed apps. For compliance purposes, however, the "filtering out" would have to be somehow logged per object.