Often times, we need to make bulk changes to ManagedAttributes in IdentityIQ. I created the below script that can read in a pipe-delimited CSV file with the following Header Row: applicationName|entitlementName|attributeName|attributeValue:
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE sailpoint PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<sailpoint>
<Rule language="beanshell" name="Bulk Modify ManagedAttribute Rule">
<Description>Rule used to bulk modify attribute values on ManagedAttribute Objects</Description>
<Signature returnType="String">
<Inputs>
<Argument name="context">
<Description>
A sailpoint.api.SailPointContext object that can be used to query the database if necessary.
</Description>
</Argument>
<Argument name="fileName">
<Description>
fileName
</Description>
</Argument>
<Argument name="commitSize">
<Description>
commitSize
</Description>
</Argument>
</Inputs>
</Signature>
<Source>
import java.util.*;
import sailpoint.object.*;
import sailpoint.api.*;
import sailpoint.tools.*;
import java.text.*;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
private Log Logger = LogFactory.getLog("rule.modifyMAttributes");
public static int count = 0;
public static int failedCount = 0;
public static void modifyMAttributes(SailPointContext context) {
String fName="/tmp/modify_ma.csv";
Application app = null;
ManagedAttribute ma = null;
int modCount = 5000;
//Get fileName and commitSize from input passed in from taskdefinition
if (config != null && config instanceof Map){
String fileName = config.get("fileName");
if(fileName != null){
Logger.debug("assign fileName: " + fileName);
fName = fileName;
}
String commitSize = config.get("commitSize");
if(commitSize != null){
Logger.debug("assign commitSize: " + commitSize);
modCount = Integer.parseInt(commitSize);
}
}
//Define reader
BufferedReader br = new BufferedReader(new FileReader(fName));
try{
if (br!=null)
{
String line="";
//throw away header row
br.readLine();
while ((line = br.readLine()) != null)
{
String applicationName="";
String entitlementName="";
String attributeName="";
String attributeValue="";
try{
++count;
if((count % modCount) == 0){
context.commitTransaction();
}
if (line!=null)
{
String[] splitLine = line.split("\\|");
if(splitLine.length == 4){
applicationName = splitLine[0];
entitlementName = splitLine[1];
attributeName = splitLine[2];
attributeValue = splitLine[3];
app = context.getObject(Application.class, applicationName);
ma = ManagedAttributer.getByDisplayName(context, app, entitlementName);
if(null != ma){
if(null != attributeName && null != attributeValue){
if(attributeName.equalsIgnoreCase("owner")){
identity = context.getObjectByName(Identity.class, attributeValue);
ma.setOwner(identity);
context.saveObject(ma);
} else if(attributeName.equalsIgnoreCase("description")){
ma.addDescription("en_US", attributeValue);
context.saveObject(ma);
} else {
ma.setAttribute(attributeName, attributeValue);
context.saveObject(ma);
}
}
}
}
else{
++failedCount;
}
}
} catch(Exception e){
++failedCount;
Logger.error("Error with line: " + line);
taskResult.setCompletionStatus(TaskResult.CompletionStatus.Error);
continue;
}
}//end while
}
} catch(Exception exp){
Logger.error("General Error");
taskResult.setCompletionStatus(TaskResult.CompletionStatus.Error);
return ("Error in processing");
} finally {
try {
br.close();
context.decache(app);
context.decache(ma);
} catch (Exception excep){
Logger.error("Error closing connection: " + excep);
taskResult.setCompletionStatus(TaskResult.CompletionStatus.Error);
return ("Error in processing");
}
}
String resultMsg = ("Total Processed: " + count + ", Error Count: " + failedCount);
context.commitTransaction();
taskResult.addMessage(Message.info(resultMsg,null));
} //end method modifyMAttributes
modifyMAttributes(context);
return ("Total Processed: " + count + ", Error Count: " + failedCount);
</Source>
</Rule>
</sailpoint>
Is this different from an Entitlement Catalog import?
- Josh