
Promoting entitlement into entitlement catalog using a custom task

I have scoured through our community and couldn't find a post for this requirement. If there is one that already exists, this is my version of it that works for me. We are on IIQ 7.2p2.

 

Create a feed file with your entitlement format requirements:

e.g.:

attribute, value, displayName, owner, requestable, application, type
groups,XYZ,Data Reader,Adam.Test,true,ABCs,Entitlement

 

Write a rule to promote it into the Entitlement catalog:

 

import java.io.BufferedReader;
import java.io.FileReader;
import sailpoint.object.Application;
import sailpoint.object.Identity;
import sailpoint.object.ManagedAttribute;
import sailpoint.object.TaskDefinition;

// The feed file location is read from the "filePath" argument of this task definition.
TaskDefinition td = context.getObject(TaskDefinition.class, "Update Entitlements Task");
String filePath = (String) td.getArgument("filePath");
System.out.println("Filepath:" + filePath);

BufferedReader br = null;
try {
   br = new BufferedReader(new FileReader(filePath));
} catch (Exception e) {
   // new FileReader() throws when the file is missing or unreadable; it never returns null.
   return "Could not find or read the file: " + filePath;
}

String sCurrentLine;
String fileHeader = br.readLine();

// The header must carry every column of the feed format shown above.
// "requestable" is matched case-insensitively and "application" also matches "applicationName".
if (fileHeader != null && fileHeader.contains(",")
      && fileHeader.contains("attribute") && fileHeader.contains("value")
      && fileHeader.contains("displayName") && fileHeader.contains("type")
      && fileHeader.contains("owner")
      && fileHeader.toLowerCase().contains("requestable")
      && fileHeader.contains("application")) {
   while ((sCurrentLine = br.readLine()) != null) {
      // Columns: attribute, value, displayName, owner, requestable, application, type
      String[] csvValue = sCurrentLine.split(",", 7); // Split the current line on comma
      if (csvValue.length < 7) continue; // Skip blank or incomplete lines

      String value = csvValue[4].trim();
      boolean b = Boolean.parseBoolean(value);
      ManagedAttribute managerAttr = new ManagedAttribute();
      Application app = context.getObjectByName(Application.class, csvValue[5].trim());
      Identity id = context.getObjectByName(Identity.class, csvValue[3].trim());

      managerAttr.setApplication(app);
      managerAttr.setOwner(id);
      managerAttr.setRequestable(b);
      managerAttr.setDisplayName(csvValue[2].trim());
      managerAttr.setAttribute(csvValue[0].trim());
      managerAttr.setType(csvValue[6].trim());
      managerAttr.setValue(csvValue[1].trim());

      context.saveObject(managerAttr);
      context.commitTransaction();
   }
}

br.close();
return "Success";

 

Reference this rule in a "Run rule" Task and provide the filePath from your server. This can work for many applications at a time.

 

You can also throw in some try catch blocks for additional debugging.

 

Hopefully this helps.

 

Thank you
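A pre-flight check for the feed file described above, as an added example that is not part of the original post and not SailPoint code. It uses only the JDK; the class name FeedValidator, the sample rows, and the rule that each application/attribute/value combination may appear only once per file are assumptions.

```java
import java.util.*;

// Added example: validates the feed before any rule promotes it. JDK only, no IIQ classes.
public class FeedValidator {
    static final List<String> HEADER = Arrays.asList("attribute", "value",
            "displayName", "owner", "requestable", "application", "type");

    /** Returns one message per problem; an empty list means the feed passed. */
    static List<String> validate(List<String> lines) {
        List<String> errors = new ArrayList<>();
        if (lines.isEmpty()) { errors.add("feed is empty"); return errors; }
        List<String> header = new ArrayList<>();
        for (String h : lines.get(0).split(",", -1)) header.add(h.trim());
        if (!header.equals(HEADER)) errors.add("line 1: header must be " + HEADER);
        Set<String> seen = new HashSet<>();
        for (int i = 1; i < lines.size(); i++) {
            String at = "line " + (i + 1) + ": ";
            if (lines.get(i).trim().isEmpty()) continue;
            // limit -1 keeps every field, so a stray comma (for example inside a
            // displayName) is reported instead of shifting owner and requestable.
            String[] f = lines.get(i).split(",", -1);
            if (f.length != HEADER.size()) {
                errors.add(at + "expected 7 fields, got " + f.length);
                continue;
            }
            for (int j = 0; j < f.length; j++) {
                f[j] = f[j].trim();
                if (f[j].isEmpty()) errors.add(at + HEADER.get(j) + " is empty");
            }
            // Boolean.parseBoolean() maps anything but "true" to false without complaint.
            if (!f[4].equalsIgnoreCase("true") && !f[4].equalsIgnoreCase("false"))
                errors.add(at + "requestable must be true or false, got '" + f[4] + "'");
            String key = f[5] + "|" + f[0] + "|" + f[1]; // application|attribute|value
            if (!seen.add(key)) errors.add(at + "duplicate entitlement " + key);
        }
        return errors;
    }

    public static void main(String[] args) {
        List<String> feed = Arrays.asList( // constructed sample rows
            "attribute, value, displayName, owner, requestable, application, type",
            "groups,XYZ,Data Reader,Adam.Test,true,ABCs,Entitlement",
            "groups,XYZ,Data Reader,Adam.Test,yes,ABCs,Entitlement",
            "groups,QRS,Reader, Data,Adam.Test,true,ABCs,Entitlement");
        validate(feed).forEach(System.out::println);
    }
}
```

Running it on the sample flags the `yes` value, the repeated `ABCs|groups|XYZ` row, and the row whose display name contains a comma.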

Comments

Hi,

Thanks for the post.

We already do a similar type of task for some custom disconnected apps.

I suggest adding an ability to do a managed attr search/match for uniqueness for this type of solution and also periodic decaching of objects to prevent memory and cache bloat. We also added an ability to do delta refresh to limit repeated updates.

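Here is a snippet that does a match for a preexisting object:

  // Arguments: SailPointContext context, Application appObject, String entitlementName, String entitlementValue (import sailpoint.api.ManagedAttributer)
  ManagedAttribute manageAttribute = ManagedAttributer.get(context, appObject, entitlementName, entitlementValue);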

Thank you for your suggestion, Sridhar!

Version history: Revision 2 of 2. Last update: Jul 13, 2023 05:30 PM