Step 1: Modify stock LCM Provisioning workflow to transition to illegal request handler step when criteria for "illegal request" is detected (e.g., account ends with "_FC"). This transition can be added to the very first step in the workflow.
// POC - Look for "_FC" suffix on account name if (accountId.endsWith("_FC")) { System.out.println("..found illegal account in request: " + accountId); result = true; } }
Step 2: Add step for handling illegal account request. In this example, the step sets a return message that will go back to requester and then transitions to the end of the workflow.
<Step action="addMessage" name="Illegal Request Handler"> <Arg name="message"> <Script> <Source> return "Your request is not allowed due to policy. Account: " + workflow.get("illegalItem"); </Source> </Script> </Arg> <Arg name="type" value="Error"/> <Transition to="end"/> </Step>
Step 3: Once workflow is updated, test the new capability.