I created basically two generic steps: one is role conflict and the other is role removal, so I have provided two pieces of code. The first one is for role conflict:
import sailpoint.object.*;
import sailpoint.api.*;
import sailpoint.tools.Util;
import sailpoint.tools.Message;
import java.util.*;
// Rule to check for role conflicts and handle notifications/role assignments
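// Maker and Checker are treated as a mutually exclusive (separation-of-duties) pair:
//   1. If the Maker role is being requested and the identity is already assigned
//      Checker, the user is warned that Checker will be removed.
//   2. If the identity holds both roles, Checker is removed and the identity is saved.
//
// identity      - the identity being evaluated; the call is a no-op when null.
// requestedRole - name of the role being requested; compared case-insensitively.
//
// NOTE(review): step 2 edits the Identity object directly. Confirm that this also
// revokes the underlying access on the target systems (normally done through a
// provisioning request); otherwise the user keeps both sets of entitlements even
// though the identity no longer shows the conflict.
// NOTE(review): a preventive SoD policy that blocks the request is the stronger
// control; this rule only reacts to the conflict.
public void checkAndHandleRoleConflict(Identity identity, String requestedRole) {
    if (identity == null) {
        log.warn("Role conflict check skipped: no identity supplied.");
        return;
    }

    SailPointContext context = SailPointFactory.getCurrentContext();
    // Plain ASCII quotes: the typographic quotes in the pasted version do not compile.
    String checkerRole = "Checker";
    String makerRole = "Maker";

    // Step 1: warn the user when Maker is requested while Checker is already assigned.
    if (makerRole.equalsIgnoreCase(requestedRole)) {
        boolean hasCheckerRole = false;
        List<Bundle> assignedRoles = identity.getAssignedRoles();
        // An identity without assigned roles may hand back null rather than an empty list.
        if (assignedRoles != null) {
            for (Bundle role : assignedRoles) {
                if (role != null && checkerRole.equalsIgnoreCase(role.getName())) {
                    hasCheckerRole = true;
                    break;
                }
            }
        }

        if (hasCheckerRole) {
            String recipient = identity.getEmail();
            if (recipient == null || recipient.trim().isEmpty()) {
                // Without an address the warning cannot reach the user; record that instead
                // of claiming it was sent.
                log.warn("No email address for user: " + identity.getName() + "; role conflict notification not sent.");
            } else {
                String message = "You currently have the " + checkerRole + " role. If you are assigned the " + makerRole + " role, the " + checkerRole + " role will be removed.";
                // NOTE(review): sailpoint.tools.Message is normally the localizable-message
                // type. Confirm it exposes setSubject/setBody/setTo and that addObject()
                // actually delivers mail; the usual route is an EmailTemplate passed to
                // context.sendEmailNotification(). Nothing in this branch commits the
                // transaction either.
                Message notification = new Message();
                notification.setSubject("Role Conflict Notification");
                notification.setBody(message);
                notification.setTo(recipient);
                context.addObject(notification);
                log.warn("Notification sent to user: " + identity.getName() + " about role conflict.");
            }
        }
    }

    // Step 2: enforce the exclusion once both roles are present.
    // NOTE(review): step 1 matches role names case-insensitively, while hasRole/removeRole
    // below are given the exact literals. Confirm both checks agree on your role names,
    // and confirm Identity exposes hasRole(String)/removeRole(String) in your IdentityIQ
    // version (the Bundle-based getAssignedRole/removeAssignedRole are the documented calls).
    if (identity.hasRole(makerRole) && identity.hasRole(checkerRole)) {
        identity.removeRole(checkerRole);
        context.saveObject(identity);
        context.commitTransaction();
        // A change to a separation-of-duties role belongs in the application log (and
        // ideally an audit event), not on stdout where it is easily lost.
        log.warn("Checker role removed from user: " + identity.getName());
    }
}
and now the below one is for role removal:
import sailpoint.object.Identity;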
import sailpoint.object.Bundle;
import sailpoint.api.SailPointContext;
import sailpoint.tools.Util;
import sailpoint.tools.Message;
import java.util.List;
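/**
 * Enforces the Maker/Checker exclusion: an identity that is assigned both roles
 * has the Checker role removed.
 *
 * <p>NOTE(review): the removal edits the Identity object directly. Confirm that the
 * corresponding access is also revoked on the target systems (normally through a
 * provisioning request); otherwise the separation-of-duties conflict persists
 * outside IdentityIQ.
 */
public class RoleExclusionRule {

    /**
     * Scans the identity's assigned roles and removes Checker when Maker is also assigned.
     *
     * @param context  SailPoint context used to save and commit the change
     * @param identity identity to evaluate
     * @throws IllegalArgumentException if {@code context} or {@code identity} is null
     * @throws Exception if saving or committing fails
     */
    public static void execute(SailPointContext context, Identity identity) throws Exception {
        if (context == null || identity == null) {
            throw new IllegalArgumentException("context and identity are required");
        }

        // Plain ASCII quotes: the typographic quotes in the pasted version do not compile.
        String makerRole = "Maker";
        String checkerRole = "Checker";
        boolean hasMakerRole = false;
        // Name of the Checker role exactly as stored on the identity. The scan below is
        // case-insensitive, so the removal must use the matched name, not the literal.
        String assignedCheckerName = null;

        List<Bundle> assignedRoles = identity.getAssignedRoles();
        // An identity without assigned roles may hand back null rather than an empty list.
        if (assignedRoles != null) {
            for (Bundle role : assignedRoles) {
                if (role == null) {
                    continue;
                }
                String roleName = role.getName();
                if (makerRole.equalsIgnoreCase(roleName)) {
                    hasMakerRole = true;
                }
                if (checkerRole.equalsIgnoreCase(roleName)) {
                    assignedCheckerName = roleName;
                }
            }
        }

        // If the user has the Maker role and the Checker role, remove the Checker role.
        if (hasMakerRole && assignedCheckerName != null) {
            // NOTE(review): confirm Identity exposes removeRole(String) in your IdentityIQ
            // version; the Bundle-based removeAssignedRole is the documented call.
            identity.removeRole(assignedCheckerName);
            context.saveObject(identity);
            context.commitTransaction();
            // NOTE(review): stdout is not an audit trail. Route this through the
            // application logger or an audit event so the removal can be traced.
            System.out.println("Checker role removed from user: " + identity.getName());
        }
    }
}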