Please elaborate. Are speaking about the actual SailPoint.log file?
Sorry my bad. I forgot to add the line. This line in Validation rule is printing the value right. Can you share this log statement to confirm the value
serilog.debug("Validate Supervisor region :region is" +region +"valyue is " + value);
The issue seems like because the name value is returned by the Rule. And when I was testing in my setup it was returning Id. To make sure name is returned always slight correction in form field. Adding the following entry to the form field <entry key="valueProperty" value="name"/>
<Field displayName="Supervisor" dynamic="true" helpKey="The VDOT user’s manager or whom they report to" name="manager" postBack="true" required="true" type="sailpoint.object.Identity">
<Attributes>
<Map>
<entry key="filterString">
<value>
<Script>
<Source>
import java.util.List;
import java.util.ArrayList;
import sailpoint.object.Filter;
import sailpoint.object.Filter.MatchMode;
import sailpoint.object.Field;
import sailpoint.object.Form;
// Get values the user has currently selected
serilog=org.apache.commons.logging.LogFactory.getLog("sailpoint.cutom.rule.logger");
//Filter filter =Filter.and(Filter.eq("inactive", "false"), Filter.eq("type", "employee"));
Field region = form.getField("region");
serilog.debug("Create Form : Supervisor Filter, region selected is " + region.getValue() + " Filter is " + filter );
Filter filter = Filter.and(Filter.eq("workgroup",true),Filter.eq("name", "OIS"));
if(null != region) {
String regionValue = region.getValue();
serilog.debug("Create Form : Supervisor Filter, region selected is " + regionValue );
if (regionValue != null && !regionValue.isEmpty()) {
filter = Filter.or(Filter.and(Filter.eq("type","employee"), Filter.eq("inactive",false), Filter.eq("region",regionValue)),filter);
serilog.debug("Create Form : Supervisor Filter, Filter selected is " + filter );
}
}
field.setFilterString(filter.toString());
</Source>
</Script>
</value>
</entry>
<entry key="valueProperty" value="name"/>
</Map>
</Attributes>
<ValidationRule>
<Reference class="sailpoint.object.Rule" id="7f000001811b181881811be9340103c9" name="Validate Supervisor region"/>
</ValidationRule>
</Field>
And slight correction in VDOTUtilsRuleLibrary . I reverted back the method to getObjectByName
public boolean verifySupervisorRegion(String region,String supervisorName)
{
Identity supervisor=context.getObjectByName(Identity.class,supervisorName);
if(supervisor!=null)
{
if(supervisor.isWorkgroup() && supervisorName.equals("OIS")){
return true;
}
String Sregion=supervisor.getAttribute("region");
if(Sregion!=null && Sregion.equals(region))
{
return true;
}
else
{
return false;
}
}
else
{
serilog.debug("VDOT Rule Library:verifySupervisorRegion,Error cannot get Supervisor NAme ");
throw new GeneralException("Cannot get Supervisor, Check logs for details");
return false;
}
}
Let me know if this is working
It is working now. I will let you know of any more complications with the OIS workgroup in the Supervisor field.
Jarin, how can I stop the drop-down code from showing inactive identities as well? Is there an inactive condition?
As I mentioned in my earlier response if you are using the above script, it has the inactive condition. If not, please share your latest script to validate.
Hi Jarin,
Here is the script I am using.
<Field displayName="Supervisor" dynamic="true" helpKey="The VDOT user’s manager or whom they report to" name="manager" postBack="true" required="true" type="sailpoint.object.Identity">
<Attributes>
<Map>
<entry key="filterString">
<value>
<Script>
<Source>
import java.util.List;
import java.util.ArrayList;
import sailpoint.object.Filter;
import sailpoint.object.Filter.MatchMode;
import sailpoint.object.Field;
import sailpoint.object.Form;
// Get values the user has currently selected
serilog=org.apache.commons.logging.LogFactory.getLog("sailpoint.cutom.rule.logger");
//Filter filter =Filter.and(Filter.eq("inactive", "false"), Filter.eq("type", "employee"));
Field region = form.getField("region");
serilog.debug("Create Form : Supervisor Filter, region selected is " + region.getValue() + " Filter is " + filter );
Filter filter = Filter.and(Filter.eq("workgroup",true),Filter.eq("name", "OIS"));
if(null != region) {
String regionValue = region.getValue();
serilog.debug("Create Form : Supervisor Filter, region selected is " + regionValue );
if (regionValue != null && !regionValue.isEmpty()) {
filter = Filter.or(Filter.and(Filter.eq("type","employee"), Filter.eq("inactive",false), Filter.eq("region",regionValue)),filter);
serilog.debug("Create Form : Supervisor Filter, Filter selected is " + filter );
}
}
field.setFilterString(filter.toString());
</Source>
</Script>
</value>
</entry>
<entry key="valueProperty" value="name"/>
</Map>
</Attributes>
<ValidationRule>
<Reference class="sailpoint.object.Rule" id="7f000001811b181881811be9340103c9" name="Validate Supervisor region"/>
</ValidationRule>
</Field>
How can I make inactive users stop showing up?
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.