import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import sailpoint.object.Bundle;
import sailpoint.object.Custom;
import sailpoint.object.Identity;
import sailpoint.object.PolicyViolation;
import sailpoint.tools.GeneralException;
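/**
 * Builds a role-name to container-name map for the identity's assigned roles.
 *
 * A role is included only when the name of its first inherited bundle appears in the
 * script-level {@code sodContainers} list, which the rule body must have populated
 * before this method is called.
 *
 * @param identity identity whose assigned roles are inspected; may be null
 * @return map of trimmed role name to trimmed container name; empty (never null) when
 *         the identity is null, has no assigned roles, or none fall in an SOD container
 */
public Map getRoleMap(Identity identity) {
    Map rolesMap = new HashMap();
    if (identity == null) {
        return rolesMap;
    }
    List<Bundle> assignedBundles = identity.getAssignedRoles();
    if (assignedBundles == null) {
        return rolesMap;
    }
    for (Bundle bundle : assignedBundles) {
        if (bundle == null || bundle.getName() == null) {
            continue;
        }
        // Guard against roles with no inheritance list; the original dereferenced it
        // unconditionally and would throw on a null list.
        List<Bundle> parents = bundle.getInheritance();
        if (parents == null || parents.isEmpty()) {
            continue;
        }
        // NOTE(review): only the FIRST inherited bundle is treated as the container.
        // A role that inherits from several bundles is not checked against the others,
        // so an SOD container listed second would be missed - confirm this is intended.
        Bundle parent = parents.get(0);
        if (parent == null || parent.getName() == null) {
            continue;
        }
        // Locals are used here instead of the script-level current_role /
        // current_container variables, which nothing else reads.
        String roleName = bundle.getName().trim();
        String containerName = parent.getName().trim();
        if (sodContainers.contains(containerName)) {
            rolesMap.put(roleName, containerName);
        }
    }
    return rolesMap;
}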
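/**
 * Returns the entries of {@code in} whose value is shared by more than one key.
 *
 * The input map is not modified. Values are compared with {@code equals}/{@code hashCode}.
 *
 * @param in map to inspect; may be null
 * @return new map holding every key/value pair whose value occurs at least twice in
 *         {@code in}; empty (never null) when there are no repeated values or
 *         {@code in} is null
 */
public HashMap getDuplicateValues(HashMap in) {
    HashMap rval = new HashMap();
    if (in == null) {
        return rval;
    }
    // Pass 1: mark each value FALSE on first sight and TRUE once it is seen again.
    // This replaces the clone + containsValue scan, which was quadratic in map size.
    HashMap repeated = new HashMap();
    for (Object o : in.entrySet()) {
        Object value = ((Map.Entry) o).getValue();
        repeated.put(value, repeated.containsKey(value) ? Boolean.TRUE : Boolean.FALSE);
    }
    // Pass 2: keep every entry whose value was marked as repeated.
    for (Object o : in.entrySet()) {
        Map.Entry entry = (Map.Entry) o;
        if (Boolean.TRUE.equals(repeated.get(entry.getValue()))) {
            rval.put(entry.getKey(), entry.getValue());
        }
    }
    return rval;
}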
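// ---------------------------------------------------------------------------
// Rule body: separation-of-duties (SOD) check.
//
// Collects the roles of the stored identity and of the identity passed to the
// rule, maps each role to its container, and reports a PolicyViolation when two
// roles fall in the same container listed under "SOD_Containers".
//
// context, log, identity, policy and constraint are not declared in this script;
// presumably they are supplied by the rule runtime - confirm against the rule
// signature.
//
// Fixes over the previous version:
//  - the stored identity's roles were never merged (allRolesMap.putAll(allRolesMap)
//    copied the map into itself);
//  - getDuplicateValues was never called, so duplicateRolesMap stayed empty and
//    indexing toArray()[0] threw instead of producing a violation;
//  - identity was dereferenced before its null check;
//  - role data was written to the log at error level.
// ---------------------------------------------------------------------------
boolean isViolated = false;
// current_container / current_role stay declared at script scope because
// getRoleMap may assign to them by name.
String current_container = "";
String current_role = "";
String roleA = "";
String roleB = "";
String duplicateValue = null;
Map assignedRoles = new HashMap();
Map requestedRoles = new HashMap();
Map duplicateRolesMap = new HashMap();
Map allRolesMap = new HashMap();
PolicyViolation violation = null;
// Read by getRoleMap; must be populated before getRoleMap is called.
List sodContainers = new ArrayList();
try {
    Custom customObj = context.getObjectByName(Custom.class, "Mighty - Container - Organization Custom Object");
    List configuredContainers = null;
    if (customObj != null) {
        if (customObj.getAttributes() != null) {
            configuredContainers = customObj.getAttributes().getList("SOD_Containers");
        }
    }
    // NOTE(review): when the Custom object or its SOD_Containers list is missing the
    // rule reports no violation at all. Consider alerting on that condition so a
    // deleted or renamed configuration object does not silently disable the check.
    if (configuredContainers != null) {
        if (identity != null) {
            sodContainers = configuredContainers;
            log.debug("sodContainers : " + sodContainers);

            // Roles already held by the stored copy of the identity.
            Identity assignedIdentity = context.getObjectByName(Identity.class, identity.getName());
            if (assignedIdentity != null) {
                assignedRoles = getRoleMap(assignedIdentity);
                log.debug("assingedRoles : " + assignedRoles);
                if (assignedRoles != null) {
                    allRolesMap.putAll(assignedRoles);
                }
            }

            // Roles on the identity object handed to the rule.
            requestedRoles = getRoleMap(identity);
            log.debug("requestedRoles : " + requestedRoles);
            if (requestedRoles != null) {
                allRolesMap.putAll(requestedRoles);
            }

            // Entries whose container is shared by at least two roles. A fresh HashMap
            // is passed so the argument matches the helper's HashMap parameter.
            duplicateRolesMap = getDuplicateValues(new HashMap(allRolesMap));

            // The first entry supplies roleA and the conflicting container; the next
            // entry with the same container supplies roleB.
            for (Object o : duplicateRolesMap.entrySet()) {
                Map.Entry entry = (Map.Entry) o;
                if (entry.getKey() == null || entry.getValue() == null) {
                    continue;
                }
                String entryRole = entry.getKey().toString().trim();
                String entryContainer = entry.getValue().toString().trim();
                if (duplicateValue == null) {
                    isViolated = true;
                    roleA = entryRole;
                    duplicateValue = entryContainer;
                } else if (entryContainer.equals(duplicateValue)) {
                    roleB = entryRole;
                    break;
                }
            }
        }
    }
    if (isViolated) {
        violation = new PolicyViolation();
        violation.setActive(true);
        violation.setIdentity(identity);
        violation.setPolicy(policy);
        violation.setConstraint(constraint);
        // Name the conflicting roles so a reviewer can act on the violation; the
        // description was previously left empty although roleA/roleB were computed.
        violation.setDescription("SOD conflict: roles '" + roleA + "' and '" + roleB
                + "' belong to the same container '" + duplicateValue + "'");
        // violation.setStatus(sailpoint.object.PolicyViolation.Status.Open); // workitem will be disabled if this line is disabled
    }
} catch (GeneralException e) {
    // NOTE(review): the exception is swallowed, so a lookup failure makes the rule
    // return null (no violation) - the SOD check fails open. Confirm whether the
    // caller should see the failure instead. The throwable is logged with its stack
    // trace so the failure is at least diagnosable.
    log.error("GeneralException : " + e.getMessage(), e);
}
return violation;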