Basic structure of an input option
With an input option, you create the prerequisite for the user to enter data into a form.
Prior to the actual input possibility, the allocation, e.g. for which LDAP attribute the input is to be made.
Example of an assignment in templates for users / groups / contacts
"Name": "sn",
"Definition": {
Properties listing
}
The properties define how the input option is displayed and how it behaves.
See the following sections for more information.
Frequent properties
| "Type": | Specifies the type of the input field. |
| Optional: | no |
| Characteristics: | This entry must be the first within the definition. |
| Possible values: | Depending on the template type. An overview of the available types can be found here. |
| Default value: | |
| Example: | "Type": TextArea |
| "Label": | The label of the input field to be displayed. |
| Optional: | yes |
| Characteristics: | |
| Possible values: | any text |
| Default value: | |
| Example: | "Label": "['en-us:name', 'de-de:Name', 'fr-fr:Nom']" |
| "DefaultValue": | A value already pre-filled when the form is loaded. |
| Optional: | yes |
| Characteristics: | depends on Type, see TextArea, MultiValueText, DropDownList |
| Possible values: | any text |
| Default value: | |
| Example: | "DefaultValue": "This is a pre-filled value." |
| "Items": | An items list for a drop down menu. |
| Optional: | no |
| Characteristics: | used only in DropDownList |
| Possible values: | listing |
| Default value: | |
| Example: |
"Items": [ { "Value": "Berlin", "DisplayValue": "Berlin - Germany" }, { "Value": "Paris", "DisplayValue": "Paris - France" } ] |
| "DisplayValue": | Value displayed in conjunction with Value. |
| Optional: | yes |
| Characteristics: | for DropDownList and FixedValue |
| Possible values: | any text |
| Default value: | |
| Example: | "Value": "Berlin", "DisplayValue": "Berlin - Germany" |
| "Value": | Actual value, in conjunction with "DisplayValue". |
| Optional: | yes |
| Characteristics: | for DropDownList and FixedValue |
| Possible values: | any text |
| Default value: | |
| Example: | "Value": "Berlin", "DisplayValue": "Berlin - Germany" |
Constraints
Use constraints to define:
- Conditions that must be fulfilled when entering the data
- Creation rules
The specification of constraints is optional.
If you define constraints for LDAP attributes, Access Rights Manager checks whether the Active Directory also uses constraints for the attribute. If so, the stricter condition is applied. Access Rights Manager shows in the server health check which conditions are used.
Available constraints (all optional)
- "MaxLength": maximum length. Default: -1 (unlimited).
- "ForbiddenChars": Specifies which characters can not be used. Default: [] (empty list).
- "ValidationRule": Regular Expression. Conditions that the entered text must meet.
- "ValidationInformation": Tooltiptext, der bei Verletzung der Constraints angezeigt wird.
- "UniquenessConstraint": "properties/ldap/uniqueness" Ensures that the input for AD attributes is unique (prevents duplicates). This constraint works in templates for creating new users and with AD attributes only.
- "CreationRule": A creation rule that automatically calculates and uses the value for the field. Only allowed if DefaultValue is not set.
Additional validity checks and visibility controls are available for Open Order Templates.
Example
"Constraints": {
"MaxLength": 20
"ForbiddenChars": ["ö","ä","ü","ß"],
"ValidationRule": "(?=.*[A-Z])",
"ValidationInformation":
"Use a maximum of 20 characters, no umlauts and at least one uppercase letter."
"CreationRule": "<toLowerCase>(<firstLetter>({givenname}).{sn})",
}
Multilanguage templates
Templates can be designed multilingual.
The language selected at ARM login is used for the display. If there is no entry for the selected language, the first language is used.
Example
"Key": "Name",
"Value": {
"Type": "TextField",
"DefaultValue": "",
"IsRequired": "true",
"Label": "['en-us:name', 'de-de:Name', 'fr-fr:Nom']"
}
You can find more examples (.example) provided with the setup under:
%programdata%\protected-networks.com\8MAN\data\templates
Creation rules
All input fields that can contain a constraints field can define a CreationRule within the constraints field, which automatically calculates the value of the field.
Creation rules are only valid if you do not define a default value.
Creation rules can be linked to one another as desired, e.g. „<firstLetter>({givenname}).{sn}@[fqdn]“. Spaces are also relevant.
The creation rule is also executed when the field:
- Is hidden ("IsHiddenFromRequester": true or "IsHidden": true)
- Is not editable ("IsEnabled": false)
Possibilities for creation rules
{sn}
This text is replaced by the current value of the input field for the LDAP attribute specified in curly braces (in this example, "sn").
This also works if the referenced input field is hidden and / or not editable.
If the referenced field contains a creation rule, it is executed first. The order of execution is calculated on the basis of such field dependencies. If the creation rules of a template form a cyclic field dependency (for example, if the creation rule for "sn" contains {cn} and that for "cn" {sn}), the template is rejected as invalid. The error is displayed in the server health check.
[fqdn]
This text is replaced by the domain name defined in the template (FullQualifiedDomainName).
Hello 123
Strings are accepted one by one, in this case "Hello 123".
The following special characters must be escaped with a backslash (\): backslash, round brackets, braces, comma.
Note: In JSON format, the double quotes and the backslash must be escaped with a backslash. Backslashes in creation rules must therefore be doubled, e.g.
- "\\(" for the round bracket
- "\\\\" for a single backslash
A simple solution is provided by online tools that perform escaping for the JSON format e.g. http://www.infobyip.com/jsonencoderdecoder.php. So you only have to manually perform the escaping for the creation rules.
<firstLetter>(…)
Returns the first character of the argument.
Example
<firstLetter>(Hello) is replaced by "H".
<toUpperCase>(…)
Converts the argument to uppercase.
Example
<toUpperCase>(Hello) is replaced by "HELLO".
<toLowerCase>(…)
Converts the argument to lowercase.
Example
<toLowerCase>(Hello) is replaced by "hello".
<trim>(…)
Deletes spaces at the beginning and end of the argument.
Example
<trim>( Hello ) is replaced by "Hello".
<subst>(…)
Deletes blanks and hyphens from the argument, replacing letters with accents by letters or combinations of letters
without accents.
Example
<subst>(Zoë Roßmäßler-Öker) is replaced by "ZoeRossmaesslerOeker".
<replace>(.,.,.)
<replaceOnce(.,.,.)>
Replaces characters.
Examples
<replace>(the dog and the fox,the,a) = "a dog and a fox"
<replaceOnce>(the dog and the fox,the,a) = "a dog and the fox"
<replace>(Norbert Van Eggert, ,) = "NorbertVanEggert"
<replace>(Norbert Van Eggert, ,.) = "Norbert.Van.Eggert"
<reverse>(...)
Reverses the order of the characters.
Example
<reverse>(apfel) = "lefpa"
<regExpr>('…',…)
Specifies the first match of the regular expression (within the single quotation marks), applied to the second
argument (begins immediately after the comma, spaces after the comma are counted).
Example
<regExpr>('.{3}',Hello) Is replaced by "Hel".
All common regular expressions are supported. As a special feature, the grouping construct (? <This> ...) is also
supported. The match on this group is returned.
Example
<regExpr>('.{3}(?<this>.*)',Hello) Is replaced by "lo".
There are online tools that can be used to test regular expressions, e.g. http://regex101.com.
All functions can be arbitrarily nested.
Example
<regExpr>('.{1}',<trim>(<toLowerCase>({sn})))
Complex example for an email address validation
"Name": "emailaddresses",
"Definition": {
"Type": "TextArea",
"Label": "Email addresses",
"IsRequired": true,
"IsEnabled": true,
"Constraints": {
"MaxLength": 500,
"ValidationRule": "^((([a-z][a-z0-9]+:)?([A-Z][A-Z0-9]+:)?(\\w+([-+.']\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*(\\r\\n)?\\n?)+)*)$",
"ValidationInformation": "Does not match the email format!",
"CreationRule" : "SMTP:<tolowerCase>({samaccountname})@<tolowerCase>([fqdn]) \r\nsmtp:<tolowerCase>(<firstLetter>({givenname})).<tolowerCase>({sn})@<tolowerCase>([fqdn])"
}
}
LookupTable
With LookupTable, you create pairs of values that you use to fill fields automatically.
A definition for a lookup table has the following format:
- LookupTableId: This identifier is used to refer to the lookup table for additional fields.
- LookupTable: Value pairs of the table. The assignment is always one-to-one.
In the following example, the user selects a company in a drop-down. Depending on the choice, the street, zip code, city are defined.
Define value pairs
"LookupTables": [
{ "Name": "LookupTableStreet",
"Definition": {
"Type": "LookupTable",
"LookupTableId" : "Street",
"LookupTable" : {
"Demo Company Holding": "Demostreet 1",
"Demo Company Marketing Solutions": "Demostreet 2",
"Demo Company Services": "Demostreet 3"
}
}
},
{ "Name": "LookupTableZIPcode",
"Definition": {
"Type": "LookupTable",
"LookupTableId" : "ZIPcode",
"LookupTable" : {
"Demo Company Holding": "10000",
"Demo Company Marketing Solutions": "20000",
"Demo Company Services": "90000"
}
}
},
{ "Name": "LookupTableCity",
"Definition": {
"Type": "LookupTable",
"LookupTableId" : "City",
"LookupTable" : {
"Demo Company Holding": "Berlin",
"Demo Company Marketing Solutions": "Hamburg",
"Demo Company Services": "Munich"
}
}
}
]
Drop down menu and fill fields
{ "Name": "company",
"Definition": {
"Label": "Company"
"Type": "DropDownList",
"Items": [
{ "Value": "Demo Company Holding", "DisplayValue": "Demo Company Holding" },
{ "Value": "Demo Company Marketing Solutions", "DisplayValue": "Demo Company Marketing Solutions" },
{ "Value": "Demo Company Services", "DisplayValue": "Demo Company Services" }
],
}
},
{ "Name": "streetAddress",
"Definition": {
"Label": "Street"
"Type": "TextField",
"IsEnabled": false,
"Constraints": {
"CreationRule": "<lookup>(Street,{company})"
},
}
},
{ "Name": "postalCode",
"Definition": {
"Label": "ZIP"
"Type": "TextField",
"IsEnabled": false,
"Constraints": {
"CreationRule": "<lookup>(ZIPcode,{company})"
},
}
},
{ "Name": "l",
"Definition": {
"Label": "City"
"Type": "TextField",
"IsEnabled": false,
"Constraints": {
"CreationRule": "<lookup>(City,{company})"
},
}
},
Hide input fields