Solution

Define user registration dynamic attributes:

1. Navigate to Global Configuration à Identity Lifecycle à Register User Form
2. Click on Action àAdd Attributes
3. Fill in details like attribute name, attribute type, etc.
4. Define default values for the attribute (if any)
5. Define other details like Validation condition, validation message, etc. (if required)
6. Action String can be defined for ENUM or Single SQL type of dynamic attributes which can be used to show/hide other dynamic attributes on basis of value selected in parent attribute
7. Click on Save to create the dynamic attribute

Sample Form on the UI:

Define parent child relationship between dynamic attributes or cascading dynamic attributes

We can define cascading dynamic attributes or dynamic attributes having parent child relationship – for example when the user selects a specific department, we can have the child attribute show only the managers/sponsors belonging to that department, or job descriptions related to that department, etc.

Sample to define dynamic attribute(s) and define parent child relationship in them:

1. Define the parent dynamic attribute to show the available departments in the organizations – Below example uses a Single select SQL to show the various department names within the organization

Query: select distinct departmentname as ID from users where userkey=$loggedInUser.id and departmentname is not null union select distinct departmentname as ID from users where departmentname is not null and exists (select userkey from user_savroles where ROLEKEY=1 and USERKEY=$loggedInUser.id)

Default query: select distinct departmentname as ID from users where userkey=$loggedInUser.id

1. Define a child dynamic attribute which refers the parent dynamic attribute value in the query – below example uses a Single select SQL to show all managers within the department name

Query: select distinct m.username as ID, m.displayname as inlinedescription  from users u  join users m on u.manager=m.userkey  where m.departmentname=$departmentname

1. Define a child dynamic attribute which refers the parent dynamic attribute value in the query – below example uses a Single select SQL to show all job code descriptions within the department name

Query: select distinct jobcodedesc as ID from users where departmentname=$departmentname

Sample screenshot of how the above attributes behave on the create user form:

a. When the department name is selected as Administration, the managers list shows the following users

b. When the department name is selected as Finance, the managers list shows the following users

c. When the department name is selected as Administration, the job code descriptions list shows the following values

d. When the department name is selected as Finance, the job code descriptions list shows the following values

Show/Hide dynamic attributes on basis of a parent dynamic attribute:

The Action String in a dynamic attribute can be utilized to show/hide child dynamic attributes based on parent dynamic attribute values. One must mention all the possible values in the parent dynamic attribute in the action string and should define unique action for each value as to whether to show or hide the child dynamic attribute.

The format of an Action String is in the following format –

HIDE###emailaddress###Employee___SHOW###emailaddress###Contractor___SHOW###emailaddress###Visitor

Suppose we have a parent dynamic attribute of type Single Select SQL which has the following values in the drop-down – Employee, Contractor and Visitor. There is another dynamic attribute called as emailaddress which is of type String and is required for Contractor or Visitor type of users only and is not required to be filled in for Employees.

The above Action String must be defined in the parent attribute and “What action to perform when Parent attribute changes?” in the parent attribute must be set to Mapping. Then while creating the user through the form, when an end user selects “Employee” in the parent drop down, then emailaddress child dynamic attribute gets hidden. Whereas when the end user selects Contractor or Visitor in the parent dropdown, then emailaddress is shown to the user.

Sample to define dynamic attribute and use show/hide functionality:

1. Define a dynamic attribute to show the type user the end user can create – Below example uses Single select SQL to show various values like Employee, Contractor and Visitor

Query: select 'Employee' as ID, 'Create Employee' as inlinedescription union select 'Contractor' as ID, 'Create Contractor' as inlinedescription union select 'Visitor' as ID, 'Create Visitor' as inlinedescription

Default value or query: select 'Please select form type' as ID

Action String: HIDE###firstname###Please select form type___HIDE###middlename###Please select form type___HIDE###lastname###Please select form type___HIDE###generateusername###Please select form type___HIDE###username###Please select form type___HIDE###departmentname###Please select form type___HIDE###manager###Please select form type___HIDE###jobcodedesc###Please select form type___HIDE###location###Please select form type___HIDE###employeeid###Please select form type___HIDE###emailaddress###Please select form type___SHOW###firstname###Employee___SHOW###middlename###Employee___SHOW###lastname###Employee___SHOW###generateusername###Employee___SHOW###username###Employee___SHOW###departmentname###Employee___SHOW###manager###Employee___SHOW###jobcodedesc###Employee___SHOW###location###Employee___SHOW###employeeid###Employee___HIDE###emailaddress###Employee___SHOW###firstname###Contractor___SHOW###middlename###Contractor___SHOW###lastname###Contractor___SHOW###generateusername###Contractor___SHOW###username###Contractor___SHOW###departmentname###Contractor___SHOW###manager###Contractor___SHOW###jobcodedesc###Contractor___SHOW###location###Contractor___HIDE###employeeid###Contractor___SHOW###emailaddress###Contractor___SHOW###firstname###Visitor___SHOW###middlename###Visitor___SHOW###lastname###Visitor___SHOW###generateusername###Visitor___SHOW###username###Visitor___SHOW###departmentname###Visitor___SHOW###manager###Visitor___HIDE###jobcodedesc###Visitor___SHOW###location###Visitor___HIDE###employeeid###Visitor___SHOW###emailaddress###Visitor___HIDE###userid###Please select form type___HIDE###userid###Employee___HIDE###userid###Contractor___HIDE###userid###Visitor___HIDE###TestAttribute###Please select form type___SHOW###TestAttribute###Employee___SHOW###TestAttribute###Contractor___SHOW###TestAttribute###Visitor___HIDE###modificationnote###Please select form type___HIDE###modificationnote###Employee___HIDE###modificationnote###Contractor___HIDE###modificationnote###Visitor___

Notes:

1.  With the above Action String configured, when the user creation form loads, all the other dynamic attributes such as firstname, lastname, username, departmentname, emailaddress, etc. gets hidden because all dynamic attributes are marked to HIDE when the value of the parent attribute is ‘Please select form type’
2. Similarly, the child dynamic attribute ‘userid’ is marked to HIDE for any value in the parent dynamic attribute
3. However, the dynamic attribute ‘jobcodedesc’ this is marked to HIDE when the parent’s value is either ‘Please select form type’ or value selected from drop down is ‘Visitor’. When the value selected is either ‘Employee’ or ‘Contractor’ then the ‘jobcodedesc’ attribute is marked to SHOW on the form
4. Similarly, in the above action string, the attribute ‘emailaddress’ is marked to SHOW only when the value selected in the dynamic attribute is either ‘Contractor’ or ‘Visitor’. Otherwise, the attribute ‘emailaddress’ is marked to HIDE for ‘Employee’

Sample screenshot of how the above attributes behave on the create user form:

Please note that every other attribute other than Form Type is hidden because the current value in the parent attribute is ‘Please select form type’

The available values in the form type are Contractor, Employee and VisitoWhen Contractor is selected in the dropdown

a. When Employee is selected in the dropdown – Email address gets hidden

b. When Visitor is selected from the dropdown – Job description gets hidden and Email address shows up

Define a dynamic attribute to calculate username on basis of first and last name of the user:

We can use a SQL type of dynamic attribute to access the string given as input for first and last name of the user. Since we need to trigger an update in the username dynamic attribute to calculate the value of the username, we need an extra attribute which will trigger a refresh action on the username dynamic attribute. Please find below the example on how to achieve this.

Sample dynamic attributes which are used to calculate username

1. Define two string type of dynamic attributes to take inputs for first and last name

1. Define another attribute to drive the refresh of the username dynamic attribute – This could be of type Single Select SQL with values as Yes and No

Query: select 'Yes' as ID union select 'No' as ID

Validation Condition: ${generateusername.equals('Yes')}

1. Define a dynamic attribute of type SQL single select to generate username

Query: SELECT lower(concat(${firstname},'.',${lastname}, if(count(username)=0,'',convert(count(username),UNSIGNED)))) as ID FROM users WHERE username like concat(${firstname},'.',${lastname},'%') HAVING ID IS NOT NULL and 'Yes'=${generateusername} and ${firstname}!='' and ${lastname}!='' and ${createformtype} != 'Visitor' union all select ${emailaddress} as ID from dual HAVING ID IS NOT NULL and 'Yes'=${generateusername} and ${createformtype} = 'Visitor' and ${emailaddress} != '' LIMIT 1;

Notes:

1. ${firstname}, ${lastname}, ${createformtype}, ${emailaddress}, ${generateusername} are all various dynamic attributes in the user creation form
2.  In the above query, we are trying to generate a username only when the createformtype dynamic attribute is not selected as ‘Visitor’. When the createformtype is selected as ‘Visitor’, the query returns the email address which has been given as an input in the emailaddress dynamic attribute
3.  The above query returns the username in the format firstname.lastname in which both firstname and lastname are dynamic attributes. If there is already an existing user with given firstname.lastname combination, then the query returns the username in the format of firstname.lastname<<number>> - in which number will be an increment of the last value. Hence, usernames will be generated like – amit.krishnajit, amit.krishnajit1, amit.krishnajit2 and so on
4. We can use any available SQL function in the query which is defined for username
5. The same query can be used in the default value as well, so that the user does not have to select the username manually and it gets selected automatically

Sample screenshot of how the above attributes behave on the create user form:

a. When the Form type is Employee, the username is created from first and last name

b. When the Form type is Visitor, the username is picked up from the email address field

Use logged in user’s context to derive values in dynamic attribute:

We can use the logged in user’s context to derive values in user dynamic attributes. This generally comes handy when we want to control the values in the drop down or when we want to control which attributes are to be shown/hidden for which type of end users, etc.

Example – When a sponsor/manager is creating another user, they will be creating a contractor or employee user in their own department or cost centre or location. Hence, we can restrict the department or cost centre or location dropdown values on basis of attributes of the logged in user. Like a user from Finance department would be creating users who will be working in Finance department and will not be part of Administration team or any other.

Sample dynamic attributes which use logged in user’s context

1. Define a Single select SQL type of dynamic attribute to show the available departments in the dropdown the user to select

Query: select distinct departmentname as ID from users where userkey=$loggedInUser.id and departmentname is not null union select distinct departmentname as ID from users where departmentname is not null and exists (select userkey from user_savroles where ROLEKEY=1 and USERKEY=$loggedInUser.id)

Default value/query: select distinct departmentname as ID from users where userkey=$loggedInUser.id

Notes:

1. The above query returns the departmentname of the logged in user or the end user who is creating a new user
2. The above query also returns all other departmentnames available in the system if the logged is user is an admin user or has access to ROLE_ADMIN SAV Role
3. The default query is used to auto populate the department name dynamic attribute and it always returns the departmentname of the logged in user

Sample screenshot of how the above attributes behave on the create user form:

a. The logged in user is an administrator and has access to ROLE_ADMIN SAV Role

b. The logged in user is a normal end user having basic access, hence the user can create users only in their respective department

References