Unit
Units in nevisIDM are the equivalent to organizational units in companies. Just like in an organisation, nevisIDM units can form one or more hierarchical trees. Each unit tree has its own root unit. Based on units, users can be assigned the so-called unit or application data rooms. Both the hierarchical structure of units and data rooms are shown in Fig. 1 (of the Authorization chapter) to give a first idea. For details about data rooms, see the chapter: Authorization in nevisIDM.
Database table TIDMA_UNIT
| DB attribute | Java data type (max. size), defaults | Description |
|---|---|---|
| abbreviation_dict_entry_id | Long, nullable | The unit's abbreviation in various languages. Foreign key that links to information in the table TIDMA_DICT_ENTRY. |
| client_id | Long, not NULL | The client the unit belongs to. Foreign key that links to information in the table TIDMA_CLIENT |
| description | String(1000), nullable | |
| displayname_dict_entry_id | Long, nullable | The unit's display name in various languages. Foreign key that links to information in the table TIDMA_DICT_ENTRY. |
| extid | String(50), not NULL | External identifier |
| hname | String(4000), nullable | The unit's hierarchical name describing the unit hierarchy from the top unit down to the actual unit. Format of hname:/<extId of top unit>/<extId of level1 unit>/... /<extId of current unit> |
| hname_dict_entry_id | Long, nullable | The unit's hierarchical display name in various languages. Foreign key that links to information in the table TIDMA_DICT_ENTRY |
| location | String(50), nullable | Optional hint where the unit is located. |
| modification_comment | String(1000), nullable | Comment of related add/update/delete action. |
| name | String(50), not NULL | |
| parent_id | Long, nullable | Defines the unit's parent unit. If NULL, the unit is a main unit. Foreign key that links to information in the table TIDMA_UNIT |
| policy_configuration_id | Long, nullable | The policy configuration that belongs to the unit. |
| profileless | Boolean, not NULL | Determines if the unit may be assigned to profiles. If set to "true", no profiles can be assigned to the unit. It is not possible to set this flag to true for the default unit. The profileless flag can be changed to "true" for units with no profile or for units that are assigned only to archived profiles. |
| state_id | Long, not NULL | State of the unit. Available states are: active; disabled |
| unit_id | Long, not NULL | Primary key (uniquely identifies each individual DB entry) |
| valid_from | Date, nullable | The unit is valid from the valid_from date onward. If this date is in the future, any profile directly in this unit is not allowed to log in. The "Null" value means no restriction. |
| valid_to | Date, nullable | The unit is valid until the valid_to date. If this date is in the past, any profile directly in this unit is not allowed to log in. The "Null" value means no restriction. |
Database table TIDMA_UNIT_PATH
The database table TIDMA_UNIT_PATH is a helper table that stores the hierarchical path of the unit. When you modify a unit, the path will be updated automatically as long as you use official APIs. If you update the unit via SQL, make sure to also update the unit path accordingly. Or use the batch job RecreateLocalizedHnamesJob, which recreates all hierarchical information of a unit.
| DB attribute | Java data type (max. size), defaults | Description |
|---|---|---|
| unit_id | Long, not NULL | Foreign key that links to information in the table TIDMA_UNIT. |
| path | String, not Null | The path of the unit in the hierarchical tree, based on the unit IDs. For example: "/1000/2013/2134"In this example path, "2134" is the ID of the current unit, and "2013" the ID of its parent. |
Database table TIDMA_UNIT_CRED_POLICY
This table holds the assignments of credential policies to units. These assignments are used as "restriction". If there is at least one assignment for a specific unit and credential policy type, then only these policies can be used for new credentials of a user that belongs to that unit. If there is no such assignment, all policies of the given credential policy type may be assigned to the new credential.
| DB attribute | Java data type (max. size), defaults | Description |
|---|---|---|
| cred_policy_id | Long, not NULL | Foreign key that links to information in the table TIDMA_POLICY |
| default_policy | Boolean, not NULL | Defines if the credential policy is the default one among the credential policies assigned to the unit and of the same policy type. |
| unit_cred_policy_id | Long, not NULL | Primary key (uniquely identifies each individual DB entry) |
| unit_cred_policy_id | Long, not NULL | Primary key (uniquely identifies each individual DB entry) |
| unit_id | Long, not NULL | Foreign key that links to information in the table TIDMA_UNIT |