Which IIQ version are you inquiring about?
8.4P2
Share all details about your problem, including any error messages you may have received.
*Team,
For a webservices application, we’ve developed a before provisioning rule, the purpose is application supports only single Entitlement/Role at a time.
We need to explicitly clean-up existing IT role and trying to add it in the Access Request but encountered with below error.*
| An unexpected error occurred: failed to lazily initialize a collection of role: sailpoint.object.Identity.links, could not initialize proxy - no Session
```
if (plan != null) {
try {
String id = plan.getNativeIdentity();
| Identity identity = context.getObjectByName(Identity.class, id); |
|---|
List<AccountRequest> accountRequestList = new ArrayList();
for (AccountRequest accountRequest : plan.getAccountRequests()) {
String nativeID = accountRequest.getNativeIdentity();
if (accountRequest.getOp().equals(ProvisioningPlan.ObjectOperation.Modify)) {
boolean hasAdd = false;
boolean hasRemove = false;
for (AttributeRequest attributeRequest : accountRequest.getAttributeRequests()) {
if ("role".equals(attributeRequest.getName()) && attributeRequest.getValue() != null) {
if ("Add".equalsIgnoreCase(attributeRequest.getOp().name())) {
hasAdd = true;
} else if ("Remove".equalsIgnoreCase(attributeRequest.getOp().name())) {
hasRemove = true;
}
}
}
if (hasAdd && hasRemove) {
Iterator<AttributeRequest> it = accountRequest.getAttributeRequests().iterator();
while (it.hasNext()) {
AttributeRequest attributeRequest = it.next();
if("role".equals(attributeRequest.getName()) && "Remove".equalsIgnoreCase(attributeRequest.getOp().name()) && attributeRequest.getValue() != null) {
it.remove();
}
}
} else if (hasAdd && !hasRemove) {
List<RoleDetection> listOfRoles = identity.getRoleDetections(application);
for (RoleDetection rd : listOfRoles) {
String comments = "Auto removed as it's a single entitlement application";
Attributes att = new Attributes();
Map attMap = new HashMap();
attMap.put("comments", comments);
String parentBundle = "";
String roleName = rd.getRoleName();
List<RoleAssignment> roleAssignments = identity.getRoleAssignments();
if (null != roleAssignments && !roleAssignments.isEmpty()) {
for (RoleAssignment roleAssingment : roleAssignments) {
List<RoleAssignment> permittedRoleAssignments = roleAssingment
.getPermittedRoleAssignments();
if (null != permittedRoleAssignments && !permittedRoleAssignments.isEmpty()) {
for (RoleAssignment permittedRoleAssignment : permittedRoleAssignments) {
if (permittedRoleAssignment.getRoleName().equalsIgnoreCase(roleName)) {
parentBundle = roleAssingment.getRoleName();
}
}
}
}
}
if (parentBundle != "") {
attMap.put("permittedBy", parentBundle);
attMap.put("assignment", true);
}
att.putAll(attMap);
AttributeRequest attrReq = new AttributeRequest("detectedRoles",
ProvisioningPlan.Operation.Remove, roleName);
attrReq.setArgs(att);
Provisioner p = new Provisioner(context);
ProvisioningPlan newPlan = new ProvisioningPlan();
newPlan.setIdentity(identity);
p.setOptimisticProvisioning(true);
AccountRequest newAcc = new AccountRequest();
newAcc.setApplication("IIQ");
newAcc.setTargetIntegration("IIQ");
newAcc.setNativeIdentity(identity.getName());
newAcc.add(attrReq);
newAcc.setOperation(ProvisioningPlan.AccountRequest.Operation.Modify);
newPlan.add(newAcc);
p.execute(newPlan);
String workflowName = "LCM Provisioning";
String caseName = "Role Assignment for : " + identity.getName();
}
}
}
}
} catch (Exception e) {
e.printStackTrace();
}
}`
context.decache();