Thursday, October 12, 2023

Single Account Aggregation

  import sailpoint.object.Application;

  import sailpoint.object.Attributes;

  import sailpoint.object.ResourceObject;

  import sailpoint.object.TaskResult;

  import sailpoint.object.Rule;

  import sailpoint.api.Aggregator;

  import sailpoint.connector.Connector;

  import sailpoint.tools.CloseableIterator;

  import java.util.regex.Pattern;

  import org.apache.log4j.Logger;

  import org.apache.log4j.Level;


  long startTime = System.currentTimeMillis();

  // Initialize the error message to nothing.

  String errorMessage = "";

  String mtaRefreshrule="RuleAdLdsAccountGroupRefresh";

  String rchRefreshrule="ActiveDirectory Account Group Refresh Rule";

  List nativeIdentities= new ArrayList(); 

  //chagnge only below two values

  nativeIdentities.add("CN=testrenamecidm2renamedAgain3,DC=test,DC=com");

  appName="Active Directory";  

  log.error("nativeIdentitiesList:: "+nativeIdentities);

  Application appObject = context.getObjectByName(Application.class, appName);

  String appConnName = appObject.getConnector();


  if(appName.equals("LDAP - MTA")) rule=mtaRefreshrule;

  if(appName.equals("Active Directory")) rule=rchRefreshrule;

  rule=null;


  log.debug("Application " + appName + " uses connector " + appConnName);

  Connector appConnector = sailpoint.connector.ConnectorFactory.getConnector(appObject, null);


  if (null == appConnector)

  {

    errorMessage = "Failed to construct an instance of connector [" + appConnName + "]";

    return errorMessage;

  }

  log.debug("Connector instantiated, calling getObject() to read group details...");

  List resourceObjects = new ArrayList();

  for (String nativeIdentity : nativeIdentities)  {

    ResourceObject rObj;

    try

    {

      rObj = appConnector.getObject("group", nativeIdentity, null);    

      resourceObjects.add(rObj);

      log.debug("Got raw resourceObject: " + rObj.toXml());

    }

    catch (sailpoint.connector.ObjectNotFoundException onfe)

    {

      errorMessage = "Connector could not find group: [" + nativeIdentity + "]";

      errorMessage += " in application  [" + appName + "]";

      log.error(errorMessage);

      log.error(onfe);

      return errorMessage;

    }

    if (null == rObj)    {

      errorMessage = "ERROR: Could not get ResourceObject for group : " + nativeIdentity;

      log.error(errorMessage);

      return errorMessage;

    }

  }

  // Next we perform a miniature "Aggregation" using IIQ's built in Aggregator.

  // Create an arguments map for the aggregation task. 

  // To change this (if you need to), the map contains aggregation options and is the same as the 

  // arguments to the account aggregation tasks.  Some suggested defaults are:

  Attributes argMap = new Attributes();

  argMap.put("descriptionLocale", "en_US");

  argMap.put("accountGroupRefreshRule", rule);

  argMap.put("aggregationType", "group");

  argMap.put("checkDeleted", "true");

  //Construct an aggregator instance.

  Aggregator agg = new Aggregator(context, argMap);


  if (null == agg)

  {

    errorMessage = "Null Aggregator returned from constructor.  Unable to Aggregate!";

    log.error(errorMessage);

    return errorMessage;

  }

  // Invoke the aggregation task by calling the aggregate() method.

  // Note: the aggregateGroup() call may take several seconds to complete.

  log.debug("Calling aggregateGroup() method... ");


  //Rule customizationRule = context.getObjectByName(Rule.class, "RuleGMCustomization");

  Rule customizationRule = appObject.getCustomizationRule();

  for (rObject : resourceObjects)

  {

    if (null != customizationRule)

    {

      log.debug("Customization rule selected for applicaiton " + appName);


      try

      {

        // Pass the mandatory arguments to the Customization rule for the app.

        HashMap ruleArgs = new HashMap();

        ruleArgs.put("context", context);

        ruleArgs.put("log", log);

        ruleArgs.put("object", rObject);

        ruleArgs.put("application", appObject);

        ruleArgs.put("connector", appConnector);

        ruleArgs.put("state", new HashMap());


        // Call the customization rule just like a normal aggregation would.

        ResourceObject newRObj = context.runRule(customizationRule, ruleArgs, null);


        // Make sure we got a valid resourceObject back from the rule.  

        if (null != newRObj)

        {

          rObject = newRObj;


          log.debug("Got post-customization resourceObject: " + rObject.toXml());

        }

      }

      catch (Exception ex)

      {

        // Swallow any customization rule errors, the show must go on!

        log.error("Error while running Customization rule for " + appName);

      }

    }

    aggObject = agg.aggregateGroup(appObject, rObject);

    log.error("aggregation complete for :: " + rObject.toXml());

  }

  long endTime = System.currentTimeMillis();

  long testDuration = endTime - startTime;

  return aggObject;

  log.error("testDuration:: "+testDuration);

  if(aggObject != null) return "success";


  return "fail";



at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Fetch Members from Workgroup

  import java.util.ArrayList;   import java.util.Iterator;   import java.util.List;   import sailpoint.api.ObjectUtil;   import sailpoint.ob...