Hello Sailors
I am currently working on a webservice integration wherein I need to pass few mandatory attributes to all the HTTP operations as mentioned below.
{ “userId”:“$plan.nativeIdentity$”,
“userName”: “$plan.userName$”,
“isActive”: true,
“createdBy”:“$plan.createdBy$”,
“domainName”: “$plan.domainName$”,
“userRole”:“$plan.userRole$”
}
For the operations Modify, Disable and Enable I need to pass the non-provisioned attributes userName, isActive, createdBy, domainName and userRole(for Modify operation). For this I created a before provisioning rule to get the account attributes from the respective app account and updated the plan with these attribute requests as mentioned below and later created and attached a before operation rule to these HTTP ops on the source, but no luck. I still do not see these attributes in the plan. I want to understand what’s missing in my implementations? Before prov rule.java (2.4 KB)
Hi,
Have you attached the before provisioning rule to the source ? You dont need to add it to the operation but rather than the source. Can you please share the screenshort of the rule added?
Hi Prashanth,
Have you created Provisioning Policies for Update, enable and Disable operations? then only you can get those attributes into respective operation plan.
Hi @Prashanth_Rathipelli,
Thank you for sharing. Can you search the user for whom you are requesting and go to Account Request and see these values getting adding there ? Can you share the screenshot for the same so that we can check wheather the rule is executing and the values are written ? If you dont see the attributes it means that the Rule is not executing and might be getting an error while executing?
@Prashanth_Rathipelli In your BPR I see you are passing the fetched userName and currentRoles in account request as arguments. Instead you need to pass them as attributeRequests to see them in before operation rule. Here is the updated code which should work and you will also see these additional attribute userName, currentRoles in account activity based on the operation that is triggered.
if (plan != null) {
List accountRequests = plan.getAccountRequests();
if (accountRequests != null) {
for (AccountRequest acctReq : accountRequests) {
String nativeIdentity = acctReq.getNativeIdentity();
Account account = idn.getAccountByNativeIdentity("App", nativeIdentity);
String userName = "";
List currentRole = new ArrayList();
if (account != null) {
Map accountAttributes = account.getAttributes();
// Get Username from the App Account
userName = (String) accountAttributes.get("userName");
log.debug("App : The username is" + userName);
// Get currently assigned entitlements
if (accountAttributes.get("userRole") != null) {
// add all roles on the account to the currentRole list
Object AppRole = accountAttributes.get("userRole");
currentRole.addAll(AppRole);
}
}
if (ProvisioningPlan.AccountRequest.Operation.Disable.equals(acctReq.getOp())
|| ProvisioningPlan.AccountRequest.Operation.Enable.equals(acctReq.getOp())) {
log.debug("App : The execution is in the Disable and Enable Operation");
AttributeRequest userNameAttr = new AttributeRequest("userName", ProvisioningPlan.Operation.Set, userName);
AttributeRequest currentRolesAttr = new AttributeRequest("userRole", ProvisioningPlan.Operation.Add, currentRole);
acctReq.add(userNameAttr);
acctReq.add(currentRolesAttr);
} else if (AccountRequest.Operation.Modify.equals(acctReq.getOp())) {
log.debug("App : The execution is in the Modify Operation");
AttributeRequest userNameAttr = new AttributeRequest("userName", ProvisioningPlan.Operation.Set, userName);
acctReq.add(userNameAttr);
}
}
}
}
