Monday, September 23, 2024

Fetch Members from Workgroup

  import java.util.ArrayList;

  import java.util.Iterator;

  import java.util.List;

  import sailpoint.api.ObjectUtil;

  import sailpoint.object.Identity;

  import sailpoint.tools.GeneralException;

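  // Collects the names of the members of the "Operations" workgroup and returns them.
  // `context` and `log` are not declared here; they are supplied by the rule runtime.
  List workgroupMembersList = new ArrayList();
  String workgroupName = "Operations";

  try {
    Identity workgroup = context.getObjectByName(Identity.class, workgroupName);

    // A missing object, or a plain user identity that happens to share the name,
    // must not be treated as a workgroup: return the empty list instead of
    // passing null (or a user) to the member lookup.
    if (workgroup == null || !workgroup.isWorkgroup()) {
      log.error("Workgroup not found or not a workgroup : " + workgroupName);
      return workgroupMembersList;
    }

    // The third argument is passed as null, as in the original snippet.
    Iterator workgroupMembers = ObjectUtil.getWorkgroupMembers(context, workgroup, null);

    while (workgroupMembers != null && workgroupMembers.hasNext()) {
      // Each row is read as an Object[] whose first element is the member Identity.
      Object[] row = (Object[]) workgroupMembers.next();
      Identity member = (Identity) row[0];
      if (member != null) {
        workgroupMembersList.add(member.getName());
      }
    }
  } catch (GeneralException e) {
    // Pass the exception itself so the stack trace is kept, not only the message.
    log.error("GeneralException : " + e.getMessage(), e);
  }

  return workgroupMembersList;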

Wednesday, August 21, 2024

Create group in OpenLdap

import sailpoint.connector.Connector;
import sailpoint.connector.LDAPConnector;
import sailpoint.object.Application;
import sailpoint.object.Attributes;
import sailpoint.object.Link;
import sailpoint.object.Identity;
import sailpoint.api.SailPointContext;
import sailpoint.tools.GeneralException;
import sailpoint.tools.Util;
import java.util.HashMap;
import java.util.Map;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.BasicAttribute;

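// Creates a posixGroup entry in the directory behind an LDAP application.
// `context` is supplied by the rule runtime.
Application ldapApp = context.getObjectByName(Application.class, "Mighty Application Name"); // Replace with your LDAP application name
if (ldapApp == null) {
    // Without this check the next line fails with a bare NullPointerException.
    throw new GeneralException("LDAP application not found: Mighty Application Name");
}

// Initialize the LDAP connector
// NOTE(review): confirm that getConnector() returns a Connector instance in your IIQ
// version; connector instances are normally obtained through
// sailpoint.connector.ConnectorFactory. Verify before relying on this cast.
Connector connector = ldapApp.getConnector();
LDAPConnector ldapConnector = (LDAPConnector) connector;

String groupName = "mygroup";
String groupBaseDN = "ou=groups,dc=example,dc=com";
String gidNumber = "1234";

// A DN is written most-specific RDN first: cn=<group>,<base>. The original built
// "<base>,cn=<group>", which is not an entry under the base container.
// The group name is escaped so that characters such as ',' '+' or '=' cannot alter
// the DN if the name ever comes from a form or file instead of a constant.
String groupDN = "cn=" + javax.naming.ldap.Rdn.escapeValue(groupName) + "," + groupBaseDN;

// Prepare attributes for the new group
Attributes<String, Object> groupAttrs = new Attributes<>();
groupAttrs.put("cn", groupName);
groupAttrs.put("objectClass", Util.list("top", "posixGroup"));
groupAttrs.put("gidNumber", gidNumber);

try {
    // NOTE(review): the createObject(...) signature is taken from the original snippet
    // and was not verified against the connector API.
    ldapConnector.createObject(context, "group", groupAttrs, groupDN);
} catch (GeneralException e) {
    // Printed to stdout as in the original; the failure is not propagated to the caller.
    System.out.println("GeneralException: " + e.getMessage());
}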

Wednesday, August 7, 2024

how to fetch IT roles based on entitlements in SailPoint IIQ?

import java.util.ArrayList;
import java.util.List;
import sailpoint.api.SailPointContext;
import sailpoint.object.Bundle;
import sailpoint.object.Filter;
import sailpoint.object.Profile;
import sailpoint.object.QueryOptions; 

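// Returns the names of the roles (Bundles) that own a Profile on application
// `appName` whose filter values contain the entitlement `entitlementName`.
// `context` is supplied by the rule runtime.
String appName = "Mighty";
String entitlementName = "DPA";

QueryOptions profileQo = new QueryOptions();
profileQo.addFilter(Filter.eq("application.name", appName));

List bundles = new ArrayList();
List profiles = context.getObjects(Profile.class, profileQo);
if (profiles == null) {
  return bundles;
}

for (Object profileObj : profiles) {
  Profile p = (Profile) profileObj;
  List constraints = p.getConstraints();
  if (constraints == null) {
    continue;
  }

  for (Object constraint : constraints) {
    // Only leaf filters are inspected; composite (and/or) filters are skipped,
    // exactly as in the original snippet.
    if (!(constraint instanceof Filter.LeafFilter)) {
      continue;
    }

    // A leaf filter can carry several values. Accept any List implementation,
    // not only ArrayList. Single (non-list) values are still not matched.
    // NOTE(review): the attribute the filter applies to is not compared, so the
    // same value on a different attribute also counts as a match. Confirm that
    // this is intended before using the result for access decisions.
    Object value = ((Filter.LeafFilter) constraint).getValue();
    if (!(value instanceof List)) {
      continue;
    }

    for (Object candidate : (List) value) {
      if (candidate != null && entitlementName.equals(candidate.toString())) {
        // A profile that is not attached to a role has no bundle; skip it
        // instead of failing on getName().
        Bundle owner = p.getBundle();
        if (owner != null) {
          bundles.add(owner.getName());
        }
      }
    }
  }
}

return bundles;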

Wednesday, July 3, 2024

Read a CSV file, copy the CSV file data, concatenate two columns from original file and write it to another csv file

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;

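/**
 * Copies a CSV file and appends one extra column, "app|RoleName", whose value is the
 * row's "app" cell and "Role Name" cell joined with '|'.
 *
 * <p>Rows are split on ',' only; quoted fields that contain commas are not supported.
 * Files are read and written with the platform default charset.
 */
public class CSVModifier {

    /**
     * Runs the conversion on the two hard-coded paths below.
     *
     * @param args unused
     * @throws IllegalArgumentException if the header lacks a required column or a data
     *     row has too few cells
     */
    public static void main(String[] args) {
        String inputFilePath = "F:\\DOCS\\test_03072024.csv";
        String outputFilePath = "F:\\DOCS\\updated_test_03072024.csv";

        // try-with-resources closes both files on every path, including when a row is
        // rejected; the original never closed the reader and leaked the writer on error.
        try (BufferedReader br = new BufferedReader(new FileReader(inputFilePath));
                BufferedWriter bw = new BufferedWriter(new FileWriter(outputFilePath))) {

            // Read the header
            String header = br.readLine();
            if (header == null) {
                return; // empty input: the output file is left empty
            }

            // Find the indices of "app" and "Role Name"
            String[] headers = header.split(",");
            int appIndex = -1;
            int roleNameIndex = -1;
            for (int i = 0; i < headers.length; i++) {
                String name = headers[i].trim();
                if (name.equalsIgnoreCase("app")) {
                    appIndex = i;
                } else if (name.equalsIgnoreCase("Role Name")) {
                    roleNameIndex = i;
                }
            }

            // The message now names the columns that are actually searched for.
            if (appIndex == -1 || roleNameIndex == -1) {
                throw new IllegalArgumentException(
                        "Input CSV does not contain required columns 'app' and 'Role Name'");
            }

            // Add the new column to the header
            bw.write(header + ",app|RoleName");
            bw.newLine();

            int lineNumber = 1;
            int lastNeeded = Math.max(appIndex, roleNameIndex);
            String line;
            while ((line = br.readLine()) != null) {
                lineNumber++;

                // Blank lines are copied through unchanged.
                if (line.isEmpty()) {
                    bw.newLine();
                    continue;
                }

                // limit -1 keeps trailing empty cells, so "a,b," still has three columns.
                String[] columns = line.split(",", -1);
                if (columns.length <= lastNeeded) {
                    // Name the offending line instead of failing with an index error.
                    throw new IllegalArgumentException(
                            "Line " + lineNumber + " has only " + columns.length + " columns");
                }

                // Concatenate "app" and "Role Name" and append as the new last cell.
                bw.write(line + "," + columns[appIndex] + "|" + columns[roleNameIndex]);
                bw.newLine();
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
}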

Friday, May 3, 2024

Database Connection

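 /**
  * Opens a JDBC connection with the URL, user and password defined below.
  *
  * The caller owns the returned connection and must close it.
  * `context` and `log` are not declared here; they come from the rule runtime.
  *
  * @return a new connection from DriverManager
  */
 public static Connection getConnection(){
    String url = "DBURL";

    // NOTE(review): "spadmin" is also used on this page as the IIQ administrator name.
    // A database login should be a dedicated account with only the rights this code needs.
    String user = "spadmin";

    // SECURITY: the credential is embedded in the source. Anyone who can read the rule,
    // an export of it, or a page it is pasted into can read this value. The value is
    // handed to context.decrypt(), so it is expected to be an encrypted string; keep it
    // in configuration that is access-controlled rather than in the rule text, and
    // rotate any real password that has been published.
    String pwd = "p1213#%$#^$%#&^";

    // Routine start-up message: debug level, so it does not add noise to the error log.
    log.debug("Initializing connection");

    Properties connectionProperties = new Properties();
    connectionProperties.put("user", user);
    // The decrypted value is only placed in the properties object; do not log it.
    connectionProperties.put("password", context.decrypt(pwd));

    return DriverManager.getConnection(url, connectionProperties);
 }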


WorkflowLaunch

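// Builds the variable map for an LCM provisioning workflow and launches it.
// Supplied from outside this snippet: context, log, applicationName, requestType,
// identityName, identity, plan.
//
// SECURITY NOTE(review): several values below relax controls and should be a deliberate,
// documented choice for the flow that uses this code:
//   approvalScheme "none"                 - the request is not routed for approval
//   allowRequestsWithViolations "true" +
//   policyScheme "continue"               - policy violations do not stop the request
//   sessionOwner "spadmin"                - the launch is attributed to that account
//   trace "true"                          - workflow tracing is on; presumably this writes
//                                           workflow variables to the log, confirm and
//                                           disable outside troubleshooting
HashMap<String,Object> map = new HashMap<String,Object>();
map.put("allowRequestsWithViolations","true");
map.put("approvalMode","serial");
map.put("approvalScheme","none"); // For auto approval
map.put("AppName",applicationName); // Target application name
map.put("doRefresh","true");
map.put("enableRetryRequest","false");
map.put("fallbackApprover","spadmin");
map.put("flow",requestType);
map.put("foregroundProvisioning","true");
map.put("identityDisplayName",identityName);
map.put("identityName",identityName);
map.put("identity",identity);
map.put("notificationScheme","user,requester");
map.put("optimisticProvisioning","true");
map.put("plan",plan);
map.put("policiesToCheck","");
map.put("policyScheme","continue");
map.put("policyViolations","");
map.put("project","");
map.put("requireViolationReviewComments","true");
map.put("securityOfficerName","");
map.put("sessionOwner","spadmin");
map.put("source","LCM");
map.put("trace","true");
map.put("violationReviewDecision","");
map.put("workItemComments","");

// Create WorkflowLaunch and set values
String workflowName = "Mighty - LCM Provisioning";
Workflow wf = (Workflow) context.getObjectByName(Workflow.class, workflowName);
if (wf == null) {
    // Fail with a clear message instead of a NullPointerException on wf.getName().
    throw new sailpoint.tools.GeneralException("Workflow not found: " + workflowName);
}

WorkflowLaunch wflaunch = new WorkflowLaunch();
wflaunch.setWorkflowName(wf.getName());
wflaunch.setWorkflowRef(wf.getName());
wflaunch.setCaseName("customProvToDB");
wflaunch.setVariables(map);
wflaunch.setWorkflow(wf);

// Create Workflower and launch workflow from WorkflowLaunch
Workflower workflower = new Workflower(context);
WorkflowLaunch launch = workflower.launch(wflaunch);

// The launch result may carry no workflow case; check before reading its id.
String workFlowId = null;
if (launch != null && launch.getWorkflowCase() != null) {
    workFlowId = launch.getWorkflowCase().getId();
    log.info("workFlowId: "+workFlowId);
} else {
    log.error("Workflow launch returned no workflow case for: " + workflowName);
}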

API's Syntax

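// Independent one-line examples of common object construction and lookup calls.
// They are a syntax reference, not a single script: `identity` appears twice.

// Current context for the running thread.
SailPointContext context = SailPointFactory.getCurrentContext();

// New, unsaved Identity.
Identity identity = new  Identity();

// Existing Identity looked up by name; the result is null when nothing matches.
// (The stray extra ')' from the original line is removed.)
Identity identity = context.getObjectByName(Identity.class, "Magnus");

// New, unsaved role.
Bundle bundle = new Bundle();

// Launch descriptor and launcher for workflows.
WorkflowLaunch wflaunch = new WorkflowLaunch();
Workflower workflower = new Workflower(context);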

Trim the String

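/**
 * Returns {@code value} with leading and trailing whitespace removed, or the empty
 * string when {@code value} is null.
 *
 * The original assigned the trimmed text to an undeclared variable and always
 * returned "".
 *
 * @param value text to normalise, may be null
 * @return the trimmed text, never null
 */
public static String getNotNullString(String value){
    if (value == null) {
        return "";
    }
    return value.trim();
}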

Sunday, April 28, 2024

Workgroup Creation

import sailpoint.object.Identity;

import sailpoint.object.Identity.WorkgroupNotificationOption;


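// Creates the workgroup "Mighty-Workgroup" owned by "spadmin", unless an object with
// that name already exists. `context` is supplied by the rule runtime.
String workgroupName = "Mighty-Workgroup";

// Look the name up first: saving a second Identity with the same name would either
// fail or leave two objects competing for one name.
Identity identity = context.getObjectByName(Identity.class, workgroupName);
Identity workGroupOwner = null;

if (identity == null) {
  workGroupOwner = context.getObjectByName(Identity.class, "spadmin");
  if (workGroupOwner == null) {
    // An ownerless workgroup has nobody accountable for its membership.
    throw new sailpoint.tools.GeneralException("Workgroup owner not found: spadmin");
  }

  identity = new Identity();
  identity.setName(workgroupName);
  identity.setDisplayName(workgroupName);
  identity.setOwner(workGroupOwner);
  identity.setWorkgroup(true);
  identity.setNotificationOption(WorkgroupNotificationOption.MembersOnly);

  context.saveObject(identity);
  context.commitTransaction();
  context.decache(identity);
}
// If the name was already taken, `identity` is the existing object and nothing is
// changed. It may be a user rather than a workgroup, so check isWorkgroup() before
// using it as one.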

ITRoles Creation Utility

  import java.io.BufferedReader;

  import java.io.File;

  import java.io.FileNotFoundException;

  import java.io.FileReader;

  import java.io.IOException;

  import java.util.ArrayList;

  import java.util.HashMap;

  import java.util.List;

  import java.util.Map;

  import org.apache.commons.logging.Log;

  import sailpoint.api.SailPointContext;

  import sailpoint.object.Application;

  import sailpoint.object.Bundle;

  import sailpoint.object.Filter;

  import sailpoint.object.Identity;

  import sailpoint.object.Profile;

  import sailpoint.tools.GeneralException;

  import sailpoint.tools.RFC4180LineParser;


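  /**
   * Creates or updates one IT role (a Bundle of type "it") from one parsed CSV row.
   *
   * The row must contain the columns "Role Name", "Role Description", "Role Owner"
   * and "Entilements" (spelled as in the CSV header this code reads). The entitlement
   * cell is a '|'-separated list. `context` and `log` come from the rule runtime.
   *
   * @param roleHash column name to cell value for one CSV row
   */
  private void buildRole(HashMap roleHash) {

    Object nameCell = roleHash.get("Role Name");
    Object descCell = roleHash.get("Role Description");
    Object ownerCell = roleHash.get("Role Owner");
    Object entsCell = roleHash.get("Entilements");

    // A row with a missing column is skipped with a message; the original failed
    // with a NullPointerException outside the try block.
    if (nameCell == null || descCell == null || ownerCell == null || entsCell == null) {
      log.error("Skipping row with a missing required column : " + roleHash);
      return;
    }

    String roleDec = descCell.toString();
    String roleOwner = ownerCell.toString();
    String entsList = entsCell.toString();
    // '+' is stripped from the role name, as in the original.
    String roleName = nameCell.toString().replace("+", "");
    String appName = "AD";

    Map desc = new HashMap();
    desc.put("en_US", roleDec);

    try {
      // Reuse the role when it already exists so a re-run updates instead of duplicating.
      Bundle role = context.getObjectByName(Bundle.class, roleName);
      if (role == null) {
        role = new Bundle();
      }

      Identity ownerId = context.getObjectByName(Identity.class, roleOwner);
      if (ownerId == null) {
        // SECURITY NOTE(review): an unknown owner name silently becomes a new, empty
        // workgroup that owns the role. A typo in the CSV therefore creates a role whose
        // owner has no members. The event is logged so it can be reviewed.
        log.warn("Role owner not found, creating workgroup : " + roleOwner);

        ownerId = new Identity();
        ownerId.setName(roleOwner);
        ownerId.setDisplayName(roleOwner);
        Identity workgroupOwner = context.getObjectByName(Identity.class, "spadmin");
        ownerId.setOwner(workgroupOwner);
        ownerId.setWorkgroup(true);
        ownerId.setNotificationOption(sailpoint.object.Identity.WorkgroupNotificationOption.MembersOnly);
        context.saveObject(ownerId);
        context.commitTransaction();
        context.decache(ownerId);
      }

      Application appObj = context.getObjectByName(Application.class, appName);
      if (appObj == null) {
        // The original returned silently here.
        log.error("Application not found, role not created : " + appName);
        return;
      }

      role.setType("it");
      role.setName(roleName);
      role.setDisplayName(roleName);
      role.setOwner(ownerId);
      role.setDescriptions(desc);

      // Parent (container) role. The original added the list to itself instead of
      // adding the parent bundle.
      List inheritList = new ArrayList();
      Bundle parentRole = context.getObjectByName(Bundle.class, "Mighty IT Roles");
      if (parentRole != null) {
        inheritList.add(parentRole);
      } else {
        log.warn("Parent role not found : Mighty IT Roles");
      }

      RFC4180LineParser entParser = new RFC4180LineParser("|");
      List entitlements = entParser.parseLine(entsList);

      // NOTE(review): "Entilements" is used here as the account attribute name of the
      // filter. Confirm it matches the entitlement attribute of the application.
      List filList = new ArrayList();
      filList.add(Filter.containsAll("Entilements", entitlements));

      Profile profile = new Profile();
      profile.setConstraints(filList);
      profile.setApplication(appObj);

      // The role takes the list of profiles; the original passed the filter list.
      List proList = new ArrayList();
      proList.add(profile);
      role.setProfiles(proList);
      role.setInheritance(inheritList);

      context.saveObject(role);
      context.commitTransaction();
      context.decache(role);

    } catch (Exception e) {
      // Keep the stack trace and the role name with the message.
      log.error("Exception : " + e.getMessage() + " (role " + roleName + ")", e);
    }
  }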

  // Code Execution Starts here

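  // Reads the role CSV file line by line and calls buildRole(...) for every data row.
  // The first line is the header; its cells become the keys of each row map.
  // `context` and `log` come from the rule runtime.
  //
  // The file content decides which roles and workgroups are created, so the path
  // should point to a location only trusted administrators can write to.
  int lineCounter = 0;
  String dlm = ",";
  String thisLine = "";
  List headerStrings = new ArrayList();
  String csvFileName = "Path";

  log.debug("Role Creation Started...");
  BufferedReader fileIn = null;
  log.debug("Readin Bundle date from : " + csvFileName);

  try {
    File bundleFile = new File(csvFileName);
    if ((!bundleFile.exists()) || bundleFile.isDirectory()) {
      log.error("Unable to find the bundle csv file : " + csvFileName);
      return;
    }

    fileIn = new BufferedReader(new FileReader(csvFileName));
    RFC4180LineParser parser = new RFC4180LineParser(dlm);

    while (null != (thisLine = fileIn.readLine())) {
      ArrayList tokens = parser.parseLine(thisLine);

      if (tokens == null) {
        // Nothing parsed from this line; count it and move on.
      } else if (lineCounter == 0) {
        for (Object token : tokens) {
          headerStrings.add(token == null ? "" : token.toString().trim());
        }
      } else {
        // Pair every header with the cell in the same position. The original looped
        // over `args.length`, a name that is not defined in this script. A row that
        // is shorter than the header gets "" for the missing cells.
        HashMap lineHash = new HashMap();
        int column = 0;
        for (Object header : headerStrings) {
          Object cell = (tokens.size() > column) ? tokens.get(column) : null;
          lineHash.put(header.toString(), cell == null ? "" : cell.toString().trim());
          column++;
        }
        buildRole(lineHash);
      }

      lineCounter++;

      // Clear the session cache every 20 lines.
      if ((lineCounter % 20) == 0) {
        context.decache();
      }
    }
  } catch (FileNotFoundException e) {
    log.error("Exception : " + e.getMessage(), e);
  } catch (IOException e) {
    log.error("Exception : " + e.getMessage(), e);
  } catch (GeneralException e) {
    log.error("Exception : " + e.getMessage(), e);
  } finally {
    // The original never closed the reader.
    if (fileIn != null) {
      try {
        fileIn.close();
      } catch (IOException ignored) {
        // nothing useful can be done if close fails
      }
    }
  }

  // Returned on every path that reaches this point, including after a logged exception.
  return "Sucess";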

BusinessRoles Creation Utility

   import java.io.BufferedReader;

  import java.io.File;

  import java.io.FileNotFoundException;

  import java.io.FileReader;

  import java.io.IOException;

  import java.util.ArrayList;

  import java.util.HashMap;

  import java.util.List;

  import java.util.Map;

  import org.apache.commons.logging.Log;

  import sailpoint.api.SailPointContext;

  import sailpoint.object.Application;

  import sailpoint.object.Bundle;

  import sailpoint.object.Filter;

  import sailpoint.object.Identity;

  import sailpoint.object.Profile;

  import sailpoint.tools.GeneralException;

  import sailpoint.tools.RFC4180LineParser;


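  /**
   * Creates or updates one business role (a Bundle of type "business") from one
   * parsed CSV row and links the IT roles it requires.
   *
   * The row must contain "Business Role Name", "Business Role Description",
   * "Business Role Owner" and "IT Role Name"; the last is a '|'-separated list.
   * `context` and `log` come from the rule runtime.
   *
   * @param roleHash column name to cell value for one CSV row
   */
  private void buildBusinessRole(HashMap roleHash) {

    Object nameCell = roleHash.get("Business Role Name");
    Object descCell = roleHash.get("Business Role Description");
    Object ownerCell = roleHash.get("Business Role Owner");
    Object itRoleCell = roleHash.get("IT Role Name");

    // Skip incomplete rows with a message instead of a NullPointerException.
    if (nameCell == null || descCell == null || ownerCell == null || itRoleCell == null) {
      log.error("Skipping row with a missing required column : " + roleHash);
      return;
    }

    String roleName = nameCell.toString().trim();
    String roleDesc = descCell.toString().trim();
    String roleOwner = ownerCell.toString().trim();
    String itRole = itRoleCell.toString().trim();

    Map desc = new HashMap();
    desc.put("en_US", roleDesc);

    try {
      // Reuse the role when it already exists.
      Bundle role = context.getObjectByName(Bundle.class, roleName);
      if (role == null) {
        role = new Bundle();
      }

      Identity identity = context.getObjectByName(Identity.class, roleOwner);
      if (identity == null) {
        // Create the Workgroup for this Business Role
        // SECURITY NOTE(review): an unknown owner name becomes a new, empty workgroup.
        // Logged so that owner typos in the CSV can be found afterwards.
        log.warn("Role owner not found, creating workgroup : " + roleOwner);

        identity = new Identity();
        identity.setName(roleOwner);
        identity.setDisplayName(roleOwner);
        Identity workGroupOwner = context.getObjectByName(Identity.class, "spadmin");
        identity.setOwner(workGroupOwner);
        identity.setWorkgroup(true);
        context.saveObject(identity);
        context.commitTransaction();
        context.decache(identity);
      }

      role.setType("business");
      role.setName(roleName);
      role.setDisplayName(roleName);
      role.setOwner(identity);
      role.setDescriptions(desc);

      RFC4180LineParser entParser = new RFC4180LineParser("|");
      List itRoles = entParser.parseLine(itRole);

      // Only inherit from the container role when it exists.
      Bundle bundleObj = context.getObjectByName(Bundle.class, "Mighty IT Roles");
      if (bundleObj != null) {
        role.addInheritance(bundleObj);
      } else {
        log.warn("Parent role not found : Mighty IT Roles");
      }

      // Add the required IT Roles to this Business Role
      if (itRoles != null) {
        for (Object itRoleName : itRoles) {
          if (itRoleName == null) {
            continue;
          }
          Bundle requiredRole = context.getObjectByName(Bundle.class, itRoleName.toString());
          if (requiredRole == null) {
            // Name the missing role; the business role is still saved without it.
            log.error("Required role not found : " + itRoleName + " (business role " + roleName + ")");
          } else {
            role.addRequirement(requiredRole);
          }
        }
      }

      context.saveObject(role);
      context.commitTransaction();
      context.decache(role);

    } catch (GeneralException e) {
      log.error("GeneralException : " + e.getMessage() + " (role " + roleName + ")", e);
    }
  }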


  // Code Execution Starts here


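  // Reads the business-role CSV file line by line and calls buildBusinessRole(...)
  // for every data row. The first line is the header; its cells become the keys of
  // each row map. `context` and `log` come from the rule runtime.
  //
  // The file content decides which roles and workgroups are created, so the path
  // should point to a location only trusted administrators can write to.
  int lineCounter = 0;
  String dlm = ",";
  String thisLine = "";
  List headerStrings = new ArrayList();
  String csvFileName = "Path";

  log.debug("Role Creation Started...");

  BufferedReader fileIn = null;
  log.debug("Readin Bundle date from : " + csvFileName);

  try {
    File bundleFile = new File(csvFileName);
    if ((!bundleFile.exists()) || bundleFile.isDirectory()) {
      log.error("Unable to find the bundle csv file : " + csvFileName);
      return;
    }

    fileIn = new BufferedReader(new FileReader(csvFileName));
    RFC4180LineParser parser = new RFC4180LineParser(dlm);

    while (null != (thisLine = fileIn.readLine())) {
      ArrayList tokens = parser.parseLine(thisLine);

      if (tokens == null) {
        // Nothing parsed from this line; count it and move on.
      } else if (lineCounter == 0) {
        for (Object token : tokens) {
          headerStrings.add(token == null ? "" : token.toString().trim());
        }
      } else {
        // Pair every header with the cell in the same position. The original looped
        // over `args.length`, a name that is not defined in this script. A row that
        // is shorter than the header gets "" for the missing cells.
        HashMap lineHash = new HashMap();
        int column = 0;
        for (Object header : headerStrings) {
          Object cell = (tokens.size() > column) ? tokens.get(column) : null;
          lineHash.put(header.toString(), cell == null ? "" : cell.toString().trim());
          column++;
        }
        // The function defined for this utility is buildBusinessRole; the original
        // called buildRole, which belongs to the IT-role utility.
        buildBusinessRole(lineHash);
      }

      lineCounter++;

      // Clear the session cache every 20 lines.
      if ((lineCounter % 20) == 0) {
        context.decache();
      }
    }
  } catch (FileNotFoundException e) {
    log.error("Exception : " + e.getMessage(), e);
  } catch (IOException e) {
    log.error("Exception : " + e.getMessage(), e);
  } catch (GeneralException e) {
    log.error("Exception : " + e.getMessage(), e);
  } finally {
    // The original never closed the reader.
    if (fileIn != null) {
      try {
        fileIn.close();
      } catch (IOException ignored) {
        // nothing useful can be done if close fails
      }
    }
  }

  // Returned on every path that reaches this point, including after a logged exception.
  return "Sucess";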

Tuesday, March 12, 2024

Workflow Global Variables

# context
# log
# wfcontext
# handler
# step
# approval
# item
# trace

======================================================================================================================================================
WorkflowEngine: It controls the Workflow from the start step to the end step.

Tuesday, February 20, 2024

Advanced Policy Violation evaluation based on the Organization Role

  import java.util.ArrayList;

  import java.util.HashMap;

  import java.util.List;

  import java.util.Map;

  import sailpoint.object.Bundle;

  import sailpoint.object.Custom;

  import sailpoint.object.Identity;

  import sailpoint.object.PolicyViolation;

  import sailpoint.tools.GeneralException;


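  /**
   * Maps each assigned role of an identity to its container role, keeping only the
   * roles whose container is listed in the script-level list `sodContainers`.
   *
   * The container is taken to be the first role in the assigned role's inheritance
   * list. As in the original, the script-level variables `current_role` and
   * `current_container` are overwritten for every role that is inspected.
   *
   * @param identity identity to inspect, may be null
   * @return role name to container name; empty when nothing qualifies
   */
  public Map getRoleMap(Identity identity) {

    Map rolesMap = new HashMap();
    if (identity == null || identity.getAssignedRoles() == null) {
      return rolesMap;
    }

    for (Object roleObj : identity.getAssignedRoles()) {
      Bundle bundle = (Bundle) roleObj;
      if (bundle == null || bundle.getName() == null) {
        continue;
      }

      // A role without parents has a null or empty inheritance list; the original
      // called size() on it without a null check.
      List parents = bundle.getInheritance();
      if (parents == null || parents.isEmpty()) {
        continue;
      }

      // SECURITY NOTE(review): only the first parent is considered. A role whose SoD
      // container is not first in its inheritance list is left out of the map and is
      // therefore never compared. Confirm every role has exactly one parent, or
      // extend this to look at all parents.
      Bundle firstParent = (Bundle) parents.get(0);
      if (firstParent == null || firstParent.getName() == null) {
        continue;
      }

      current_role = bundle.getName().trim();
      current_container = firstParent.getName().trim();

      if (sodContainers.contains(current_container)) {
        rolesMap.put(current_role, current_container);
      }
    }

    return rolesMap;
  }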

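  /**
   * Returns the entries of a map whose value is shared with at least one other key.
   *
   * The input map is not modified. Values are compared with equals(); null values
   * are counted like any other value. The result is computed in two passes over the
   * map instead of a containsValue() scan per key, and the loops do not use the '<'
   * operator, so the code can be pasted into an XML rule body unchanged.
   *
   * @param in map to inspect, may be null
   * @return a new HashMap with every key whose value occurs more than once; empty
   *     when the input is null or has no repeated value
   */
  public HashMap getDuplicateValues(HashMap in) {

    HashMap rval = new HashMap();
    if (in == null) {
      return rval;
    }

    // First pass: how often does each value occur?
    HashMap occurrences = new HashMap();
    for (Object value : in.values()) {
      Integer seen = (Integer) occurrences.get(value);
      occurrences.put(value, seen == null ? 1 : seen + 1);
    }

    // Second pass: keep every entry whose value was seen more than once.
    for (Object entryObj : in.entrySet()) {
      Map.Entry entry = (Map.Entry) entryObj;
      Integer count = (Integer) occurrences.get(entry.getValue());
      if (count != null) {
        if (count > 1) {
          rval.put(entry.getKey(), entry.getValue());
        }
      }
    }

    return rval;
  }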

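  // Advanced policy rule: raises a violation when the identity holds two roles that
  // belong to the same SoD container. The container names come from the Custom object
  // "Mighty - Container - Organization Custom Object", attribute "SOD_Containers".
  //
  // Supplied by the rule runtime: context, log, identity, policy, constraint.
  // "@and" is BeanShell's spelling of the logical AND operator that can be written
  // inside an XML rule body without escaping.
  Boolean isVaiolated = false;
  String current_container = "";
  String current_role = "";
  String roleA = "";
  String roleB = "";
  String duplicateValue = null;
  Map assingedRoles = new HashMap();
  Map requestedRoles = new HashMap();
  Map duplicateRolesMap = new HashMap();
  Map allRolesMap = new HashMap();
  PolicyViolation violation = null;
  List sodContainers = new ArrayList();

  try {

    // The original read identity.getName() before checking identity for null.
    if (identity == null) {
      return null;
    }

    Custom customObj = context.getObjectByName(Custom.class, "Mighty - Container - Organization Custom Object");

    if (customObj != null @and customObj.getAttributes() != null
        @and customObj.getAttributes().getList("SOD_Containers") != null) {

      sodContainers = customObj.getAttributes().getList("SOD_Containers");
      log.debug("sodContainers : " + sodContainers);

      // Roles of the stored identity.
      Identity assignedIdentity = context.getObjectByName(Identity.class, identity.getName());
      if (assignedIdentity != null) {
        assingedRoles = getRoleMap(assignedIdentity);
        log.debug("assingedRoles : " + assingedRoles);
        if (assingedRoles != null) {
          // The original called allRolesMap.putAll(allRolesMap), which added nothing,
          // so the stored roles never took part in the comparison.
          allRolesMap.putAll(assingedRoles);
        }
      }

      // Roles of the identity object passed to the rule.
      requestedRoles = getRoleMap(identity);
      log.debug("requestedRoles : " + requestedRoles);
      if (requestedRoles != null) {
        allRolesMap.putAll(requestedRoles);
      }

      // The original never filled duplicateRolesMap and then read element 0 of an
      // empty key array, so the rule could not report a conflict.
      duplicateRolesMap = getDuplicateValues(new HashMap(allRolesMap));

      if (!duplicateRolesMap.isEmpty()) {
        Object firstKey = duplicateRolesMap.keySet().toArray()[0];
        Object firstValue = duplicateRolesMap.get(firstKey);

        if (firstKey != null @and firstValue != null) {
          isVaiolated = true;
          roleA = firstKey.toString().trim();
          duplicateValue = firstValue.toString().trim();

          // Find a second role in the same container.
          for (Map.Entry dupEntryRole : duplicateRolesMap.entrySet()) {
            if (dupEntryRole.getValue() == null || dupEntryRole.getKey() == null) {
              continue;
            }
            String otherRole = dupEntryRole.getKey().toString().trim();
            if (!otherRole.equals(roleA)
                @and dupEntryRole.getValue().toString().trim().equals(duplicateValue)) {
              roleB = otherRole;
              break;
            }
          }
        }
      }
    } else {
      // SECURITY: without the container list nothing is compared and the rule returns
      // "no violation". Report it as an error so the gap is visible.
      log.error("SOD_Containers not available; SoD policy was not evaluated for " + identity.getName());
    }

    if (isVaiolated) {
      violation = new PolicyViolation();
      violation.setActive(true);
      violation.setIdentity(identity);
      violation.setPolicy(policy);
      violation.setConstraint(constraint);
      // Name the conflicting roles so a reviewer can act on the violation; the
      // original computed them but stored an empty description.
      violation.setDescription("Roles '" + roleA + "' and '" + roleB
          + "' belong to the same SoD container '" + duplicateValue + "'");
     // violation.setStatus(sailpoint.object.PolicyViolation.Status.Open); // workitem will be disabled if this line is disabled
      return violation;
    }

  } catch (GeneralException e) {
    log.error("GeneralException : " + e.getMessage(), e);
  }

  return violation;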

Saturday, February 17, 2024

Map inside Map

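// Inner map: the details of one role, both initialised to the empty string.
HashMap primasRoleIdMap = new HashMap();
primasRoleIdMap.put("roleId", "");
primasRoleIdMap.put("roleType", "");

// Outer map: holds the inner map under the key "roleIds". The constructor now states
// the same type arguments as the declaration instead of a raw HashMap.
HashMap<String, HashMap> primasRoleMap = new HashMap<String, HashMap>();
primasRoleMap.put("roleIds", primasRoleIdMap);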


Friday, February 16, 2024

Sample Before Rule

import java.util.ArrayList;

import java.util.HashMap;

import java.util.List;

import java.util.Map;

import org.apache.commons.logging.Log;

import org.apache.log4j.Logger;

import sailpoint.api.SailPointContext;

import sailpoint.connectorDependencies.EndPoint;

import sailpoint.object.Custom;

import sailpoint.object.ProvisioningPlan;

import sailpoint.object.ProvisioningPlan.AccountRequest;

import sailpoint.object.ProvisioningPlan.AttributeRequest;

import sailpoint.tools.Util;

import connector.common.JsonUtil;


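// Before-operation rule skeleton: reads the request body and the provisioning plan,
// picks values from the request form for application "BCOM", and puts some of them
// into the parsed JSON map.
//
// Supplied by the rule runtime: context, log, provisioningPlan, requestEndPoint.
//
// NOTE(review): jsonMap is changed below but is not written back to the request body
// anywhere in this snippet (the "To - Do" markers), so as shown the outgoing request
// is not modified.
// NOTE(review): the AttributeRequest is looked up by the name "rolesIds" and then its
// name is compared with "IPCC", "BCOM", "PRIMAS" and so on. Those comparisons look as
// if they can never match; the intended discriminator may be the request value. Confirm.

String roleType = "";
String roleId = "";
List<String> securityGroup = new ArrayList<String>();
String secretAccountIndicator = "";
String phone = null;

String bcomSecGroupReqType = "";
List<String> bcomSecurityGroup = new ArrayList<String>();
List<String> ipccRoleId = new ArrayList<String>();
String ipccPhone = "";
String roleChangeReqType = "";
List<String> roleChangeRoleID = new ArrayList<String>();

String primasRole = "";
String primasPhone = "";

String secAccIndicator = "";
String bcomAccSecretAccountIndicator = "";

Custom custom = null;
AttributeRequest attributeRequest = null;
Map<String, Object> formMap = new HashMap<String, Object>();
List<AccountRequest> accountRequests = null;

// Lookup table for payload values; may be null when the object does not exist.
custom = context.getObjectByName(Custom.class, "Mighty - Payload Details");

// SECURITY: the request body, the account requests and the form values can contain
// personal data (phone numbers) and account attributes. They are logged at debug
// level only, so they do not land in the error log of a production system.
Map body = requestEndPoint.getBody();
String jsonBody = body.get("jsonBody").toString().trim();
log.debug("jsonBody : " + jsonBody);

Map jsonMap = JsonUtil.toMap(jsonBody);
log.debug("jsonMap : " + jsonMap);

accountRequests = provisioningPlan.getAccountRequests();
log.debug("accountRequests : " + accountRequests);

// A plan without account requests yields null; treat it as "nothing to do".
if (accountRequests == null) {
    accountRequests = new ArrayList<AccountRequest>();
}

for (AccountRequest accountRequest : accountRequests) {

    String targetApp = accountRequest.getApplicationName();
    if (!Util.isNotNullOrEmpty(targetApp) || !targetApp.trim().equalsIgnoreCase("BCOM")) {
        continue;
    }

    // Form values travel in the plan arguments; a plan without arguments has none.
    if (provisioningPlan.getArguments() == null) {
        continue;
    }
    formMap = provisioningPlan.getArguments().getMap();
    log.debug("formMap : " + formMap);

    attributeRequest = accountRequest.getAttributeRequest("rolesIds");
    if (attributeRequest == null || formMap == null) {
        continue;
    }
    log.debug("attributeRequest : " + attributeRequest);

    String requestName = attributeRequest.getName();

    if ("IPCC".equalsIgnoreCase(requestName)) {
        if (formMap.get("Role ID") != null) {
            // Cast as in the original: fails if the form delivers a single String.
            ipccRoleId = (List<String>) formMap.get("Role ID");
            log.debug("ipccRoleId : " + ipccRoleId);
        }
        if (formMap.get("Phone") != null) {
            phone = formMap.get("Phone").toString().trim();
            log.debug("phone : " + phone);
        }
        if (Util.isNotNullOrEmpty(phone)) {
            jsonMap.put("phoneNo", phone);
        }
        // To - Do
        // Map postBodyMap = (Map) requestEndPoint.getBody();
    }

    if ("IPCC update Roles".equalsIgnoreCase(requestName)) {
        if (formMap.get("Request Type") != null) {
            roleChangeReqType = formMap.get("Request Type").toString().trim();
            log.debug("roleChangeReqType : " + roleChangeReqType);
        }
        if (formMap.get("Role ID") != null) {
            roleChangeRoleID = (List<String>) formMap.get("Role ID");
            log.debug("roleChangeRoleID : " + roleChangeRoleID);
        }
        // To - Do
    }

    if ("BCOM update Security Group".equalsIgnoreCase(requestName)) {
        if (formMap.get("Request Type") != null) {
            bcomSecGroupReqType = formMap.get("Request Type").toString();
            log.debug("bcomSecGroupReqType : " + bcomSecGroupReqType);
        }
        if (formMap.get("Security Group") != null) {
            bcomSecurityGroup = (List<String>) formMap.get("Security Group");
            log.debug("bcomSecurityGroup : " + bcomSecurityGroup);
        }
        // To - Do
    }

    if ("BCOM".equalsIgnoreCase(requestName)) {
        if (formMap.get("Role ID") != null) {
            roleId = formMap.get("Role ID").toString();
        }
        if (formMap.get("Security Group") != null) {
            securityGroup = (List) formMap.get("Security Group");
        }
        if (formMap.get("Secret Account Indicator") != null) {
            secretAccountIndicator = formMap.get("Secret Account Indicator").toString().trim();
        }
        if (formMap.get("Phone") != null) {
            phone = formMap.get("Phone").toString().trim();
        }
        // To - Do
    }

    if ("PRIMAS".equalsIgnoreCase(requestName)) {
        if (formMap.get("Role ID") != null) {
            primasRole = formMap.get("Role ID").toString();
            // The Custom object may be missing; do not dereference it blindly.
            if (formMap.get("PRIMAS") != null && custom != null) {
                roleType = custom.getString("PRIMAS");
                log.debug("roleType : " + roleType);
            }
        }
        if (formMap.get("Phone") != null) {
            primasPhone = formMap.get("Phone").toString().trim();
            log.debug("primasPhone : " + primasPhone);
        }
        // To - Do
        if (Util.isNotNullOrEmpty(primasPhone)) {
            jsonMap.put("phoneNo", primasPhone);
        }
    }

    if ("BCOM update Account Indicator".equalsIgnoreCase(requestName)) {
        if (formMap.get("Secret Account Indicator") != null) {
            secretAccountIndicator = formMap.get("Secret Account Indicator").toString().trim();
            log.debug("secretAccountIndicator : " + secretAccountIndicator);

            // Translate the form label into the payload value stored in the Custom
            // object. The log lines now print the translated value; the original
            // printed the untranslated form value under the "secAccIndicator" label.
            if (custom != null && secretAccountIndicator.equalsIgnoreCase("Normal Account")) {
                secAccIndicator = custom.getString("Normal Account");
                log.debug("secAccIndicator : " + secAccIndicator);
            }
            if (custom != null && secretAccountIndicator.equalsIgnoreCase("Confidential and Normal Account")) {
                secAccIndicator = custom.getString("Confidential and Normal Account");
                log.debug("secAccIndicator : " + secAccIndicator);
            }
        }
        // To - Do
        if (Util.isNotNullOrEmpty(secAccIndicator)) {
            jsonMap.put("secretAccountIndicator", secAccIndicator);
        }
    }
}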


Thursday, February 15, 2024

Before Rule for JSON body update

import java.util.ArrayList;

import java.util.HashMap;

import java.util.List;

import java.util.Map;

import org.apache.log4j.Logger;

import openconnector.JsonUtil;

import sailpoint.api.SailPointContext;

import sailpoint.connectorDependencies.EndPoint;

import sailpoint.object.Attributes;

import sailpoint.object.Identity;

import sailpoint.object.ProvisioningPlan;

import sailpoint.object.ProvisioningPlan.AccountRequest;

import sailpoint.object.ProvisioningPlan.AttributeRequest;

import sailpoint.tools.Util;

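/**
 * IDE skeleton for the "Before Rule for JSON body update" post: it reads the
 * provisioning-form values for ECOM create requests and then fetches the
 * request's JSON body.
 *
 * <p>The static fields stand in for objects the rule would receive at run time;
 * in this listing they are all {@code null}. The parsed values are not yet merged
 * into the body: {@code jsonBody} is read but never changed.
 */
public class RoleCreation {

    static SailPointContext context = null;

    static Logger logger = null;

    static ProvisioningPlan provisioningPlan = null;

    static EndPoint requestEndPoint = null;

    /**
     * Walks the plan's account requests and collects the form values for ECOM
     * create operations.
     *
     * @param args unused
     * @throws IllegalStateException if the plan, the endpoint or the logger has not been set
     */
    public static void main(String[] args) {

        // Fail with a clear message instead of a NullPointerException deep inside the loop.
        if (provisioningPlan == null || requestEndPoint == null || logger == null) {
            throw new IllegalStateException(
                    "provisioningPlan, requestEndPoint and logger must be set before the rule body runs");
        }

        String appName = null;
        String roleId = "";
        List<String> securityGroup = new ArrayList<String>();
        String secretAccountIndicator = "";
        String phone = null;
        String ecomSecGroupReqType = "";
        List<String> ecomSecurityGroup = new ArrayList<String>();
        List<String> ipccRoleId = new ArrayList<String>();
        String ipccPhone = "";
        String roleChangeReqType = "";
        List<String> roleChangeRoleID = new ArrayList<String>();
        String primasRole = "";
        String primasPhone = "";
        String ecomAccSecretAccountIndicator = "";
        AttributeRequest attributeRequest = null;
        Map<String, Object> formMap = new HashMap<String, Object>();

        List<AccountRequest> accountRequests = provisioningPlan.getAccountRequests();
        if (accountRequests == null) {
            return;
        }

        for (AccountRequest accountRequest : accountRequests) {

            String requestedApp = accountRequest.getApplicationName();
            if (!Util.isNotNullOrEmpty(requestedApp) || !requestedApp.trim().equalsIgnoreCase("ECOM")) {
                continue;
            }
            appName = requestedApp.trim();

            // A plan without arguments is treated as an empty form rather than an error.
            Attributes<String, Object> planArgs = provisioningPlan.getArguments();
            formMap = (planArgs != null) ? planArgs.getMap() : new HashMap<String, Object>();

            // Enum identity comparison is null-safe; equals() on a null operation is not.
            if (accountRequest.getOperation() != AccountRequest.Operation.Create) {
                continue;
            }

            attributeRequest = accountRequest.getAttributeRequest("rolesIds");
            if (attributeRequest != null) {

                // NOTE(review): the request was looked up by the name "rolesIds", yet every
                // branch below compares getName() with a different literal. If
                // getAttributeRequest matches on the name, none of these branches can run;
                // the request's value may be what was meant. Confirm.
                String requestName = attributeRequest.getName();

                if (requestName.equalsIgnoreCase("ECOM")) {
                    if (formMap.get("Role ID") != null) {
                        // The original stored this in a block-scoped local and discarded it.
                        roleId = formMap.get("Role ID").toString();
                    }
                    if (formMap.get("Security Group") != null) {
                        securityGroup = toStringList(formMap.get("Security Group"));
                    }
                    if (formMap.get("Secret Account Indicator") != null) {
                        secretAccountIndicator = formMap.get("Secret Account Indicator").toString().trim();
                    }
                    if (formMap.get("Phone") != null) {
                        phone = formMap.get("Phone").toString().trim();
                    }
                }

                if (requestName.equalsIgnoreCase("ECOM Security Group")) {
                    if (formMap.get("Request Type") != null) {
                        // Was assigned to a throwaway local named roleID; the declared
                        // ecomSecGroupReqType is presumably the intended target.
                        ecomSecGroupReqType = formMap.get("Request Type").toString();
                    }
                    if (formMap.get("Security Group") != null) {
                        ecomSecurityGroup = toStringList(formMap.get("Security Group"));
                    }
                }

                if (requestName.equalsIgnoreCase("IPCC")) {
                    if (formMap.get("Role ID") != null) {
                        ipccRoleId = toStringList(formMap.get("Role ID"));
                    }
                    if (formMap.get("Phone") != null) {
                        // Presumably meant for ipccPhone, which was declared but never set.
                        ipccPhone = formMap.get("Phone").toString().trim();
                    }
                }

                if (requestName.equalsIgnoreCase("IPCCRoleChange")) {
                    if (formMap.get("Request Type") != null) {
                        roleChangeReqType = formMap.get("Request Type").toString().trim();
                    }
                    if (formMap.get("Role ID") != null) {
                        roleChangeRoleID = toStringList(formMap.get("Role ID"));
                    }
                }

                if (requestName.equalsIgnoreCase("PRIMAS")) {
                    if (formMap.get("Role ID") != null) {
                        primasRole = formMap.get("Role ID").toString();
                    }
                    if (formMap.get("Phone") != null) {
                        primasPhone = formMap.get("Phone").toString().trim();
                    }
                }

                if (requestName.equalsIgnoreCase("ECOM Account Indicator")) {
                    if (formMap.get("Secret Account Indicator") != null) {
                        // Presumably meant for ecomAccSecretAccountIndicator, declared but never set.
                        ecomAccSecretAccountIndicator =
                                formMap.get("Secret Account Indicator").toString().trim();
                    }
                }
            }

            if (formMap.size() > 0) {
                Map body = requestEndPoint.getBody();
                if (body != null) {
                    // Read only; nothing above is written back yet. The form values come from
                    // the requester, so when they are merged in, validate them and build the
                    // JSON with a serializer rather than by string concatenation.
                    String jsonBody = (String) body.get("jsonBody");
                }
                logger.info("Rule - Modify Body: running");
            }
        }
    }

    /**
     * Normalizes a form value to a list of strings: a multi-valued field arrives as a
     * List, a single-valued one as a scalar, and a blind cast of the latter throws
     * ClassCastException.
     */
    private static List<String> toStringList(Object value) {
        List<String> out = new ArrayList<String>();
        if (value instanceof List) {
            for (Object item : (List<?>) value) {
                if (item != null) {
                    out.add(item.toString());
                }
            }
        } else if (value != null) {
            out.add(value.toString());
        }
        return out;
    }
}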

Wednesday, February 14, 2024

Retry enable

 <entry key="retryableErrors"> 

 <value> 

  <List> 

   <String>Server is not operational</String> 

  </List> 

 </value>

</entry>

Test after Rule

// Troubleshooting only: these write the whole processed and raw response objects to the
// log at ERROR level. Responses can carry account attributes or tokens, so remove the
// lines (or lower the level) once the after rule has been verified.
log.error("processedResponseObject : " + processedResponseObject); 

log.error("rawResponseObject: " + rawResponseObject);

Tuesday, February 13, 2024

Bitbucket

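sudo su

cd /app/mighty/spadmin/

mkdir Mighty_Code_Path

# The checkout holds identity-governance source and configuration, so keep it
# owner/group only instead of world-writable (the original notes used chmod 777 -R).
# Replace the placeholders with the account and group that own the deployment.
chown -R "<service-account>:<service-group>" Mighty_Code_Path

chmod -R u=rwX,g=rX,o= Mighty_Code_Path

# Presumably the git identity for commits (sample values from the notes); confirm.
git config --global user.name "abcd"

git config --global user.email "abcd@gmail.com"

# Leave TLS verification on. With http.sslVerify=false every clone, fetch and push
# from this account accepts any certificate. If the Bitbucket server uses an internal
# CA, trust that CA instead (placeholder path below).
git config --global http.sslCAInfo "<path-to-internal-ca-bundle.pem>"

cd "/app/mighty/spadmin/Mighty_Code_Path"

pwd

git clone "URL"

cd identityiq

git checkout Master_Code_Rev


# The original line ended with a stray double quote, which leaves the shell waiting
# for a closing quote.
cd /app/mighty/spadmin/Mighty_Code_Path/identityiq

# Review `git status` first: --all stages every change in the tree, including any
# local property or credential files that should not be pushed.
git add --all

git commit -m "Commit -12345 -Master_Code_Rev_Test"

git push -u origin HEAD:Master_Code_Rev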

# Create Pull Request

# Scroll down and click on Create.

Friday, February 9, 2024

Fetch Resource Object entitlements and validate against custom object.

 import java.util.List;

  import java.util.Map;

  import org.apache.commons.logging.Log;

  import sailpoint.api.SailPointContext;

  import sailpoint.object.Custom;

  import sailpoint.object.ResourceObject;

  import sailpoint.tools.GeneralException;


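  // Returns `object` when at least one of its "memberOf" groups appears among the values
  // of the TABLEAU map stored in the Custom object "Test Custom Object".
  //
  // `object` is expected to be supplied by the rule engine (presumably the ResourceObject
  // being processed; confirm against the rule type). The original notes re-declared it
  // as null here, which sends every run down the "ResourceObject is null" path.

  ResourceObject resourceObject = null;

  Custom custom = null;

  Map tablueauMap = null;

  Map tablueauENTMap = null;

  List listENT = null;

  try {

    if (object != null) {

      // Read the list once; the original fetched it four times and tested emptiness twice.
      listENT = object.getStringList("memberOf");

      if (listENT != null @and !listENT.isEmpty()) {

        // Diagnostic output: group memberships are written at ERROR level on every run.
        log.error("TABLEAU groups are : "+listENT);

        custom = context.getObjectByName(Custom.class, "Test Custom Object");

        if (custom != null) {

          // A Custom object without attributes is treated like one without a TABLEAU entry.
          if (custom.getAttributes() != null) {

            tablueauMap = custom.getAttributes().getMap();

          }

          // instanceof also covers the null case and avoids a ClassCastException when the
          // TABLEAU entry is not a map.
          if (tablueauMap != null @and tablueauMap.get("TABLEAU") instanceof Map) {

            tablueauENTMap = (Map) tablueauMap.get("TABLEAU");

            // NOTE(review): when no group matches, an empty ResourceObject is returned
            // rather than null. Confirm which of the two the caller expects.
            resourceObject = new ResourceObject();

            for (String ent: listENT) {

              // Exact, case-sensitive match against the map's values.
              if (tablueauENTMap.containsValue(ent)) {

                resourceObject = object;

                break;

              }

            }

          } else {

            log.error("Custom Object doesn't contains TABLEAU ");

          } 

        }  else {

          log.error("Custom Object is null");

        } 

      } else {

        log.error("Resource Object doesn't contains groups and length is zero");

      }

    } else {

      log.error("ResourceObject is null");

    }

  } catch (GeneralException e) {

    // Pass the exception itself so the stack trace is kept, not only the message.
    log.error("GeneralException : " + e.getMessage(), e);

  }

  // Single exit: still null if the lookup threw or an earlier check failed.
  return resourceObject;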

==========================================================================

import java.util.List;

import java.util.Map;

import org.apache.commons.logging.Log;

import sailpoint.api.SailPointContext;

import sailpoint.object.Custom;

import sailpoint.object.ResourceObject;

import sailpoint.tools.GeneralException;


/**
 * IDE version of the rule above: sets {@code resourceObject} to {@code object} when one
 * of the object's "memberOf" values appears among the values of the TABLEAU map of a
 * Custom object.
 *
 * <p>All static fields are {@code null} in this listing, and the Custom object is looked
 * up with an empty name.
 */
public class ResourceObjectTest {

    static SailPointContext context = null;

    static ResourceObject object = null;

    static ResourceObject resourceObject = null;

    static Log log = null;

    /**
     * Runs the membership check once against the static fields.
     *
     * @param args unused
     */
    public static void main(String[] args) {

        try {

            if (object == null) {
                log.error("ResourceObject is : " + object);
                return;
            }

            Object memberOf = object.getAttribute("memberOf");
            if (memberOf == null) {
                log.error("Resource Object doesn't contains groups ");
                return;
            }

            List groups = (List) memberOf;
            if (groups.isEmpty()) {
                return;
            }

            Custom allowed = context.getObjectByName(Custom.class, "");
            if (allowed == null) {
                return;
            }

            Map attributes = allowed.getAttributes().getMap();
            if (attributes.size() == 0 || attributes.get("TABLEAU") == null) {
                return;
            }

            Map tableauGroups = (Map) attributes.get("TABLEAU");

            // No early exit: every group is checked, as in the nested form.
            for (Object group : groups) {
                if (tableauGroups.containsValue(group)) {
                    resourceObject = object;
                }
            }

        } catch (GeneralException e) {

            log.error("GeneralException : " + e.getMessage());

        }

    }

}

Wednesday, February 7, 2024

Payload Configuration in IIQ

Payload :

{

"empID": "12345",

"firstName": "ABC",

"lastName": "XYZ",

"email": "abc@gmail.com",

"roles":[

{

"roleID": "123",

"roleName": "MighytRole"

}

],

"region": "Asia"

}

Aggregation:

Left-side fields should be exactly matched with schema fields.

Right-side fields should be exactly matched with payload or application fields.

Create / Update Account:

Left-side fields should be exactly matched with payload fields.

Right-side fields should be exactly matched with provisioning policy fields

Methods:

Create Account: POST

Update Account: PUT

Disable Account: PUT

Enable Account: GET

Delete Account: DELETE

Get Account: GET

Payload Mapping Template

Payload Mapping:




Postman

Headers:

Content-Type : application/json

Accept : text/json


Host URL / Base URL: https://blogger.net/

Path URL / Context URL: / mighty

Response = > Successful Response Code : 2** 


Payload / Json Body:

{

"empID": "12345",

"firstName": "ABC",

"lastName": "XYZ",

"email": "abc@gmail.com",

"roles":[

{

"roleID": "123",

"roleName": "MighytRole"

}

],

"region": "Asia"

}


Before Operation Rule

Troubleshooting purpose:

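// Troubleshooting only: the endpoint and its body are written to the log at ERROR level.
// The body can hold account data, so remove these lines once the rule is verified.
log.error("requestEndPoint : " + requestEndPoint);

log.error("requestEndPoint : "+requestEndPoint.getBody());

// updating the endpoint URL
// The original replaceAll("40", "@") rewrote every "40" in the URL, including digits
// inside ids or ports, and left the "%" of an encoded "@" behind.
// NOTE(review): this assumes the goal is to turn the percent-encoded "%40" back into "@".
requestEndPoint.setFullUrl(requestEndPoint.getFullUrl().replace("%40", "@"));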

Tuesday, February 6, 2024

Adv Policy Java

import java.util.ArrayList;

import java.util.HashMap;

import java.util.List;

import java.util.Map;

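/**
 * Stand-alone demonstration of a policy check on requested roles: a request is refused
 * when two of its roles share an organization that is listed in {@link #customOrg}.
 *
 * <p>The maps are filled with sample data inside {@link #validationInProcess()}. Each of
 * the two role maps goes from role name to organization key. Duplicates are detected
 * ignoring case, while the {@code customOrg} lookup is case-sensitive.
 */
public class Policy {

    // Role name -> organization key for roles the identity already holds.
    Map<String, String> identityRoles = new HashMap<>();

    // Role name -> organization key for the roles being requested.
    Map<String, String> requestRoles = new HashMap<>();

    // Result of validateRoleCount; shared, so it accumulates across calls.
    Map<String, Integer> tempMap = new HashMap<>();

    // Not read by any method below; the methods use their own locals of the same name.
    List<String> duplicateReq = new ArrayList<>();

    // Organization key -> display name for the organizations the policy restricts.
    Map<String, String> customOrg = new HashMap<>();

    /**
     * Loads the sample data and runs the checks that apply to the combination of
     * assigned and requested roles.
     */
    public void validationInProcess() {

        customOrg.put("orgO1", "Organization One DName");
        customOrg.put("orgO2", "Organization two DName");

        identityRoles.put("BR1", "orgO1");
        identityRoles.put("BR2", "orgO2");
        identityRoles.put("BR9", "orgO3");
        identityRoles.put("BR12", "orgO4");

        requestRoles.put("BR2", "orgO1");
        requestRoles.put("BR1", "orgO2");
        requestRoles.put("BR10", "orgO4");
        requestRoles.put("BR11", "orgO5");

        if (!requestRoles.isEmpty() && identityRoles.isEmpty()) {

            if (requestRoles.size() == 1) {
                System.out.println("Requested one role and no assigned roles found. Processing request. ");
            } else {
                System.out.println("Requested multiple Roles. Undergoing Organization duplicate valdiation.");
                List<String> listOfReqRoles = new ArrayList<>(requestRoles.values());
                processRequest(validateDuplicateOrg(listOfReqRoles));
            }

        } else if (!identityRoles.isEmpty() && requestRoles.isEmpty()) {

            // The original tested requestRoles.size() == 1 here, which can never hold in
            // this branch, and announced "Requested multiple Roles" although none were.
            System.out.println("No roles requested. Validating assigned roles for duplicate organizations.");
            List<String> listOfDetRoles = new ArrayList<>(identityRoles.values());
            processRequest(validateDuplicateOrg(listOfDetRoles));

        } else if (!identityRoles.isEmpty() && !requestRoles.isEmpty()) {

            if (requestRoles.size() == 1) {
                System.out.println("Requested One Role");
                validateRoleCount(identityRoles, requestRoles);
            } else {
                List<String> listOfReqRoles = new ArrayList<>(requestRoles.values());
                if (processRequest(validateDuplicateOrg(listOfReqRoles))) {
                    validateRoleCount(identityRoles, requestRoles);
                }
            }

        }

    }

    /**
     * Finds organization keys that occur more than once, ignoring case.
     *
     * @param listOfRoles organization keys, one per role
     * @return one entry per matching pair, taken from the earlier position; empty if none
     */
    public List<String> validateDuplicateOrg(List<String> listOfRoles) {

        List<String> duplicate = new ArrayList<>();

        System.out.println("Validating Duplication. Requested Role's Organization : " + listOfRoles.toString());

        for (int i = 0; i < listOfRoles.size(); i++) {
            String current = listOfRoles.get(i);
            for (int j = i + 1; j < listOfRoles.size(); j++) {
                if (current.equalsIgnoreCase(listOfRoles.get(j))) {
                    duplicate.add(current);
                }
            }
        }

        return duplicate;

    }

    /**
     * Decides whether a request may proceed given its duplicated organizations.
     *
     * <p>The original kept only the verdict of the last list element, so a restricted
     * duplicate followed by an unrestricted one was let through. Any restricted
     * duplicate now refuses the request.
     *
     * @param processList duplicated organization keys, as returned by
     *     {@link #validateDuplicateOrg(List)}
     * @return {@code true} if the list is empty or none of its entries is a key of
     *     {@link #customOrg}; {@code false} otherwise
     */
    public boolean processRequest(List<String> processList) {

        if (processList.isEmpty()) {
            System.out.println("No duplicate found. Processing request.");
            return true;
        }

        boolean allowed = true;

        for (String org : processList) {
            // NOTE(review): containsKey is case-sensitive, while the duplicates were found
            // ignoring case; a key differing only in case is not matched here.
            if (customOrg.containsKey(org)) {
                System.out.println("Requested Roles found Duplicate Org : " + org);
                allowed = false;
            } else {
                System.out.println("Requeste role not found in Org . Processing Request");
            }
        }

        return allowed;

    }

    /**
     * Counts, per assigned role, how many requested roles share its organization when
     * both organizations are keys of {@link #customOrg}.
     *
     * @param identityRoles role name to organization key for assigned roles
     * @param requestRoles role name to organization key for requested roles
     * @return {@link #tempMap}: organization key to (number of matching requested roles + 1),
     *     only for organizations with at least one match
     */
    public Map<String, Integer> validateRoleCount(Map<String, String> identityRoles, Map<String, String> requestRoles) {

        for (Map.Entry<String, String> identityRole : identityRoles.entrySet()) {

            String assignedOrg = identityRole.getValue();
            int orgCount = 0;

            for (Map.Entry<String, String> requestRole : requestRoles.entrySet()) {
                String requestedOrg = requestRole.getValue();
                if (customOrg.containsKey(assignedOrg)
                        && customOrg.containsKey(requestedOrg)
                        && assignedOrg.equalsIgnoreCase(requestedOrg)) {
                    orgCount++;
                }
            }

            if (orgCount >= 1) {
                for (Map.Entry<String, String> customRole : customOrg.entrySet()) {
                    if (customRole.getKey().equalsIgnoreCase(assignedOrg)) {
                        // The extra one presumably stands for the assigned role itself.
                        orgCount += 1;
                        tempMap.put(customRole.getKey(), orgCount);
                    }
                }
            }

        }

        for (Map.Entry<String, Integer> entry : tempMap.entrySet()) {
            System.out.println("Key = " + entry.getKey() + ", Value = " + entry.getValue());
        }

        return tempMap;

    }

    public static void main(String[] args) {

        new Policy().validationInProcess();

    }

}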


Fetch Members from Workgroup

  import java.util.ArrayList;   import java.util.Iterator;   import java.util.List;   import sailpoint.api.ObjectUtil;   import sailpoint.ob...