Hi All,
Hope you are doing great.
We had a usecase where for an attribute change in identity we need to create a mini cert ( if you call it so). Where we are creating approval items in a workflow based on the roles that an identity has and it is sent to the users manager.
So for this we are creating attribute request in plan like this:
ProvisioningPlan.AttributeRequest attrReq = new ProvisioningPlan.AttributeRequest();
attrReq.setName(ProvisioningPlan.ATT_IIQ_DETECTED_ROLES);
attrReq.setOperation(ProvisioningPlan.Operation.Add);
attrReq.setValue(oldRole);
acctReq.add(attrReq);
''''
plan.add(acctReq);
And then we are doing this for approvalset
<Step action="compileProvisioningProject" icon="Task" name="Compile Project" resultVariable="project">
<Arg name="identityName" value="ref:identityName"/>
<Arg name="plan" value="ref:plan"/>
<Arg name="requester" value="ref:launcher"/>
<Arg name="source" value="ref:source"/>
<Arg name="optimisticProvisioning" value="ref:optimisticProvisioning"/>
<Arg name="disableRetryRequest" value="!ref:enableRetryRequest"/>
<Description>
Compile the provisioning plan into a provisioning project.
If you need to pass in provisioner options like "noFiltering"
or "noRoleDeprovisioning" you must pass them as explicit
arguments to the call.
The evaluation options "requester" and "source" are commonly
set here.
You can also pass things into the Template and Field scripts by
defining Args in this step.</Description>
<Transition to="Build Approval Set" when="script:isNull(approvalSet)"/>
<Transition to="End"/>
</Step>
<Step action="call:buildApprovalSet" name="Build Approval Set" resultVariable="approvalSet">
<Arg name="plan" value="ref:plan"/>
<Return name="approvalSet" to="approvalSet"/>
<Transition to="Approval" when="script:!approvalSet.isEmpty()"/>
<Transition to="End"/>
</Step>
This gives us the approvalset but the problem is when we click on the i button to see the details we are getting a NullPointer.
java.lang.NullPointerException
at sailpoint.rest.ui.ApprovalItemResource.getRoleDetails(ApprovalItemResource.java:295)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.glassfish.jersey.server.internal.routing.SubResourceLocatorRouter.lambda$getResource$0(SubResourceLocatorRouter.java:132)
at org.glassfish.jersey.server.internal.routing.SubResourceLocatorRouter.getResource(SubResourceLocatorRouter.java:150)
at org.glassfish.jersey.server.internal.routing.SubResourceLocatorRouter.apply(SubResourceLocatorRouter.java:86)
at org.glassfish.jersey.server.internal.routing.RoutingStage._apply(RoutingStage.java:86)
at org.glassfish.jersey.server.internal.routing.RoutingStage._apply(RoutingStage.java:89)
at org.glassfish.jersey.server.internal.routing.RoutingStage._apply(RoutingStage.java:89)
at org.glassfish.jersey.server.internal.routing.RoutingStage._apply(RoutingStage.java:89)
at org.glassfish.jersey.server.internal.routing.RoutingStage._apply(RoutingStage.java:89)
→ When we click on the i button as shown below:
→ We can see a “rest” call happening internally which is getting this 500 error while fetching the role details.
http://192.168.117.128:8080/identityiq/ui/rest/approvals/c0a8d0817d9e1492817e6c6da47840dd/items/1eddfc3076ea4788b6afe78f3e1a94b2/roleDetails
We are on IIQ8 p1
It will be really helpful if anyone has any idea or workaround on this.
