User Provisioning Feed to CIM-Courses
Overview
The User Provisioning Feed provides information to CIM Courses about people who have certain administrative authorizations. The information is drawn from the Roles database and the People API. CIM Courses then uses this information to allow these people to edit subjects and proposals.
The information is sent on a nightly basis by the User Provisioning Feed, an automatic scheduled batch process implemented as part of the mit-subjects Cloudhub application.
Implementation
In the mit-subjects application, the XML file that contains the flows used in the User Provisioning Feed is:
cim-user-provisioning-outbound-feed.xml
The top-level flow that controls the data feed is cim-user-provisioning-outbound-feedFlow. The logic in this flow is:
- Cron-scheduled poll component to trigger the feed on a regular basis (nightly). The current schedule (2/22/2019) is 8.05pm. The property that controls the schedule is user.provisioning.feed.schedule.
- Retrieve list of people from the Roles API who have any of the following roles in the REG category:
- SUBJ_DEPT_ADMIN
- SUBJ_DEPT_ADMIN_FSEM
- SUBJ_FACULTY
- For each person retrieved from the Roles API, add information from the People API.
- Format the list of people as CSV data.
- Send the CSV data as a file to the Courseleaf SFTP server.
Things to Note
1. Error Handling
If an unexpected error occurs during the processing of the data feed, email is sent to a list (cim-courses-support@mit.edu) with the subject line “Error in User-Provisioning Outbound Feed (prod environment)”. The body of the email message contains details about the error.
The property that defines the email recipient address is cim.email.to.
2. Courseleaf SFTP Server
Authentication to the Courseleaf SFTP server is by username and password.
There are other batch processes within mit-subjects that communicate with this SFTP server, so attributes like the server name, port, username, and password are used by all of these batch processes, including the User Provisioning Feed. The only SFTP attributes that are specific to the User Provisioning Feed are the Path (target directory) and Output Pattern (file name).
The relevant properties for SFTP are:
courseleaf.sftp.server courseleaf.sftp.user courseleaf.sftp.password courseleaf.sftp.port courseleaf.sftp.filename courseleaf.sftp.path courseleaf.sftp.delete.file courseleaf.sftp.userprov.path courseleaf.sftp.userprov.filename
The User Provisioning Feed’s Output Pattern (file name) property looks like this:
/~/userprovisioning
This is a relative path, and refers to the "userprovisioning" subdirectory under the default SFTP login directory. Use of this relative path means that the same value can be used across dev, test, and production.
Output File Format
The file sent to Courseleaf is a CSV file with one row per person and with the following columns:
FIRST_NAME
LAST_NAME
KERBEROS_NAME
EMAIL
QUALIFIERS ("FSEM" if the person has FSEM authorization, blank if not)
A sample of the data:
FIRST_NAME,LAST_NAME,KERBEROS_NAME,EMAIL,QUALIFIERS "Jane","Admin","jadmin","jadmin@mit.edu","FSEM" "Frankie","Ng","frang","frang@mit.edu",""