On the operational side, this is something useful to keep the system clean and neat for pending access requests for a long time, which leads to an impact on performance as well. So, this can change the code if you want, according to your requirements. is a standalone rule that checks access requests that have been pending for a long time and takes action on them. You can change the code if you want, according to your requirements. And use this rule in your task and schedule it according to the frequency you need.
Rule:
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule language="beanshell" name="BPK-Rule-Purging-AccessRequests">
<Source>
import sailpoint.object.QueryOptions;
import sailpoint.object.IdentityRequest;
import sailpoint.object.Filter;
import sailpoint.object.TaskResult;
import sailpoint.object.WorkflowCase;
import sailpoint.api.Workflower;
import sailpoint.api.Terminator;
import sailpoint.tools.Util;
import sailpoint.tools.Message;
try {
Terminator terminator = new Terminator(context);
Workflower workflower = new Workflower(context);
int daysToDelete = 365;
int daysToDeleteNegative = (~(daysToDelete - 1));
Calendar cal = Calendar.getInstance();
cal.add(Calendar.DAY_OF_MONTH, daysToDeleteNegative);
Date beforeDate= cal.getTime();
QueryOptions qo = new QueryOptions();
qo.addFilter(Filter.lt("created",beforeDate));
qo.addFilter(Filter.or(Filter.eq("completionStatus", "Pending"),Filter.eq("executionStatus", "Executing")));
Iterator iterator = context.search(IdentityRequest.class,qo);
if( null!= iterator){
while(iterator.hasNext()){
IdentityRequest identityRequest = (IdentityRequest) iterator.next();
if(null != identityRequest && null != identityRequest.getAttribute("taskResultId"))
{
TaskResult taskResult = context.getObjectById(TaskResult.class,identityRequest.getAttribute("taskResultId"));
if(null != taskResult && null != taskResult.getAttribute("workflowCaseId"))
{
WorkflowCase workflowCase = context.getObjectById(WorkflowCase.class, taskResult.getAttribute("workflowCaseId"));
if(null != workflowCase)
{
workflower.terminate(workflowCase);
}
//terminator.deleteObject(taskResult);
}
Calendar cal2 = Calendar.getInstance();
Date verificationDate = cal2.getTime();
List msgList = new ArrayList();
Message msg = new Message();
msg.setType(Message.Type.Warn);
msg.setKey("Because it has been there in pending queue from long back, This request has been made to terminated through a rule explicitly.");
msgList.add(msg);
identityRequest.setMessages(msgList);
identityRequest.setVerified(verificationDate);
identityRequest.setExecutionStatus(IdentityRequest.ExecutionStatus.Terminated);
identityRequest.setCompletionStatus(IdentityRequest.CompletionStatus.Failure);
context.saveObject(identityRequest);
context.commitTransaction();
}
}
Util.flushIterator(iterator);
}
}
catch(Exception e) {
// Block of code to handle errors
}
</Source>
</Rule>