Exception: java.security.PrivilegedActionException: null

Which IIQ version are you inquiring about?

8.4

How can I know that a particular method can be used in a particular rule in certification in SailPoint IIQ?

For example, there is a method named bulkReassignEntities() in the certification object.

When I try to use it in the Active period enter rule, I am getting an error saying “Exception: java.security.PrivilegedActionException: null”, even though “certification” is an argument in the Active period enter rule.

Further down in the log there should be a more detailed error. What you posted is common for many different types of problems.

To answer the first part of your question, in general, any method can be utilized in a rule for IIQ. Whether or not the relevant object needed for a method is currently instantiated in your context is a different story. For a specific type of rule, you can search examplerules.xml which is included in every IIQ war file under WEB-INF/config/examplerules.xml.

Just be aware that certain actions may not work as you expect in different fashions. For instance, in a pre-delegation rule for targeted certifications, re-assignment does not work but it would work in a manager certification. The place to find that little tidbit is in the Certifications and Access Reviews doc that is included as part of the IIQ 8.4 documentation.

So if you want to get further into detail, we’ll need more relevant detail from your logs.

1 Like
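Added example, not part of the thread or of SailPoint's code: a PrivilegedActionException carries no message of its own and wraps the exception that actually failed, so walking the cause chain is how the more detailed error is reached. The class name CauseChain and the wrapped exceptions are constructed for illustration.

```java
import java.security.PrivilegedActionException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.IdentityHashMap;
import java.util.List;
import java.util.Set;

public class CauseChain {

    /** Returns every throwable in the cause chain, outermost first. */
    static List<Throwable> chain(Throwable t) {
        List<Throwable> out = new ArrayList<>();
        // Identity-based set guards against a cause chain that loops back on itself.
        Set<Throwable> seen = Collections.newSetFromMap(new IdentityHashMap<Throwable, Boolean>());
        for (Throwable cur = t; cur != null && seen.add(cur); cur = cur.getCause()) {
            out.add(cur);
        }
        return out;
    }

    /** One line per link, so a null message on the wrapper does not hide the real error. */
    static String describe(Throwable t) {
        StringBuilder sb = new StringBuilder();
        List<Throwable> links = chain(t);
        for (int i = 0; i < links.size(); i++) {
            Throwable link = links.get(i);
            sb.append(i == 0 ? "" : "  caused by: ")
              .append(link.getClass().getName())
              .append(": ")
              .append(link.getMessage())
              .append(System.lineSeparator());
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        // Constructed failure standing in for whatever the rule engine actually threw.
        Exception inner = new IllegalStateException("constructed example: rule source failed to parse");
        Exception wrapped = new PrivilegedActionException(new RuntimeException("rule evaluation failed", inner));

        // The wrapper has no message of its own, so this prints "null".
        System.out.println("wrapper message = " + wrapped.getMessage());
        System.out.print(describe(wrapped));
    }
}
```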

It is a Targeted certification.
Here is the Active period enter rule.

import sailpoint.object.CertificationEntity;
import sailpoint.object.Identity;
import sailpoint.object.Certification;
import sailpoint.tools.GeneralException;
import org.apache.log4j.Logger;
import org.apache.log4j.Level;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.security.PrivilegedActionException;

Logger log = Logger.getLogger("rule.ActivePeriodEnterRule");
log.setLevel(Level.DEBUG);

log.debug("******* Active Period Enter rule started *******");

if (certification != null) {
    log.debug("Certification: " + certification.getName());

    List<String> certifiers = certification.getCertifiers();
    if (certifiers != null && !certifiers.isEmpty()) {
        String certifierName = certifiers.get(0);  
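        log.debug("Certifier Name: " + certifierName);

        // Reconstructed: the certifier and manager lookups were missing from the posted rule;
        // the else branches further down imply these two checks.
        Identity certifier = context.getObjectByName(Identity.class, certifierName);
        if (certifier != null) {
            Identity managerIdentity = certifier.getManager();
            if (managerIdentity != null) {
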
                // Prepare a map to store results and track reassignment details
                Map<String, Object> results = new HashMap<>();

                // Add recipient details to results
                results.put("recipient", managerIdentity);
                results.put("recipientName", managerIdentity.getName());

                // Prepare list to hold entity IDs for reassignment
                List<String> entityIdsToReassign = new ArrayList<>();
                
                List<CertificationEntity> entities = certification.getEntities();

                if (entities != null && !entities.isEmpty()) {
                    // Log the size only after the null check to avoid a NullPointerException
                    log.debug("Entities size: " + entities.size());
                    for (CertificationEntity entity : entities) {
                        log.debug("Processing entity: " + entity.toXml());

                        String entityIdentity = entity.getIdentity();
                        log.debug("Entity Identity: " + entityIdentity);
                        
                        // If Entity Identity matches the certifier name
                        if (entityIdentity.equals(certifierName)) {
                            log.debug("Entity Identity matches Certifier Name: " + certifierName);
                            entityIdsToReassign.add(entity.getId());

                            // Add description and comments
                            results.put("description", "Please certify " + entity.getFullname());
                            results.put("comments", "Please determine the appropriate access for " +
                                    entity.getFullname() + " within the next 5 business days.");
                            results.put("reassign", true); // This flag indicates reassignment
                        }
                    }

                    // Log the parameters before calling the method
                    log.debug("Requester: " + certifier);
                    log.debug("Entity IDs: " + entityIdsToReassign);
                    log.debug("Recipient: " + managerIdentity);
                    log.debug("Cert Name: new self certification");
                    log.debug("Description: " + results.get("description"));
                    log.debug("Comments: " + results.get("comments"));

                    // If there are entities to reassign, call the bulkReassignEntities method
                    if (!entityIdsToReassign.isEmpty()) {
                        try {
                            certification.bulkReassignEntities(
                                certifier,            // requester (Rathan Kumar)
                                entityIdsToReassign,  // list of entity IDs
                                managerIdentity,      // recipient (Sajish)
                                "new self certification", // certName: name of the new certification
                                 results.get("description"), // description
                                 results.get("comments") // comments
                            );
                            log.debug("Entities successfully delegated to " + managerIdentity.getName());
                        } catch (PrivilegedActionException pae) {
                            log.error("PrivilegedActionException caught during bulk reassignment: ", pae);
                        } catch (GeneralException e) {
                            log.error("GeneralException during bulk reassignment: ", e);
                        }
                    } else {
                        log.warn("No entity IDs to reassign.");
                    }
                }
            } else {
                log.debug("Manager Identity is null for certifier: " + certifierName);
            }
        } else {
            log.debug("Certifier not found: " + certifierName);
        }
    } else {
        log.debug("No certifiers found.");
    }
} else {
    log.error("Certification object is null.");
}

log.debug("******* Active Period Enter rule ended *******");

I’m able to get all the entities, items, owner and his manager too.

Info about the method:
public void bulkReassignEntities(Identity requester, java.util.List<java.lang.String> entityIds, Identity recipient, java.lang.String certName, java.lang.String description, java.lang.String comments) throws GeneralException

Bulk reassign the given entities referred to by the given list of IDs

Parameters:
requester - The requester
entityIds - The IDs of the entities to reassign
recipient - The delegate.
certName - The name of the certification to generate
description - Descriptive text about the delegation.
comments - Comments about the delegation.
Throws:
GeneralException

But when I try to use the bulkReassignEntities() I’m getting the error and here are the related logs.

Hi @Premchand, you’re getting a parsing error, not an error regarding the method definition.


It threw me for a minute, but if you look at your log lines under the catch statements for that section, you’ll see the 2 issues:

The apache logger does not allow commas to be used like that. For the apache log4j logger, you would need to use a + instead. There are other logger packages that do support that style if you’d prefer to use those types.

2 Likes
