Filtering Account Field

pctripathi · October 1, 2024, 1:24pm

In the Image above
When “Self” radio button is selected a field appears and shows Accounts that are under the requester and have a type as NPIdentity.

When “Other” radio button is selected it shows all the Accounts with type as NPIdentity present in sailpoint environment.

Under Application name in first field i.e. “Select” the requester can pick any application which is a part of Sailpoint.
Below that field i.e. “Select Account field” I am getting the list of Accounts present under selected application name and has type as NPIdentity.

(1) I need to include one more condition with the above condition that while being type as NPIdentity and part of selected application it should also be under the requester. Self or other whatever is selected by the requester.

In below field if “Add” radio button is selected or “Remove” radio button is selected it is showing all the “SAP” type roles in sailpoint.

(2) I need that field to show all the roles/entitlements present in the selected application if “Add” radio button is selected and if “Remove” radio button is selected it should show the roles associated with the selected account.

Please help me in adding these two filters in Account and Role Fields.

<Section label="Requesting For" name="Section 1">
    <Field displayName="Select" name="Field_1" postBack="true" required="true" type="string">
      <AllowedValuesDefinition>
        <Value>
          <List>
            <String>Self</String>
            <String>Others</String>
          </List>
        </Value>
      </AllowedValuesDefinition>
    </Field>
    <Field displayName="Select NPIdentity SSO ID" dynamic="true" name="Field_2" postBack="true" required="true" type="sailpoint.object.Identity">
      <Attributes>
        <Map>
          <entry key="hidden">
            <value>
              <Script>
                <Source>
                  import sailpoint.object.Field;

                  Field f1 = form.getField("Field_1");
                  String f1value = f1.getValue();
                  boolean hideField = false;

                  if(!("Self".equalsIgnoreCase (f1value))) {

                  hideField= true; 
                  field.setRequired(false);
                  }
                  else {

                  field.setRequired(true);
                  }
                  return hideField;
                </Source>
              </Script>
            </value>
          </entry>
        </Map>
      </Attributes>
      <Script>
        <Source>import sailpoint.object.Filter; 
          import sailpoint.object.Identity;

          var field = form.getField("Field_2");

          if (field == null)
          return;

          Identity launcherObj = context.getObjectByName(Identity.class, context.getUserName());  

          var f1 = Filter.eq("manager.name", launcherObj.getName());                 
          f1 = Filter.and(f1, Filter.eq("workertype", "NPIdentity"));

          log.error("launcherObj"+launcherObj.getName()+".... " +f1.toString());
          field.setFilterString(f1.toString());</Source>
      </Script>
    </Field>
    <Field displayName="Enter NPIdentity SSO ID" dynamic="true" name="Field_3" postBack="true" required="true" type="string">
      <AllowedValuesDefinition>
        <Script>
          <Source>
            import sailpoint.object.*;
            List identityList = new ArrayList();
            QueryOptions qp = new QueryOptions();
            qp.addFilter(Filter.eq("lastname","NPIdentity"));
            Iterator it = context.search(Identity.class,qp);
            while ( it.hasNext() ) { 
            Identity identity = (Identity)it.next();
            //if(null != identity){ 
            if(null != identity &amp;&amp; identity.getManager() != null) { //added condition to select identities having managers
            identityList.add(identity.getAttribute("workerid"));
            }
            }
            return identityList;
          </Source>
        </Script>
      </AllowedValuesDefinition>
      <Attributes>
        <Map>
          <entry key="hidden">
            <value>
              <Script>
                <Source>import sailpoint.object.Field;

                  Field f1 = form.getField("Field_1");
                  String f1value = f1.getValue();
                  boolean hideField = false;
                  if(!("Others".equalsIgnoreCase (f1value))) {
                  hideField= true; 
                  field.setRequired(false);
                  }
                  else {
                  field.setRequired(true);
                  }
                  return hideField;</Source>
              </Script>
            </value>
          </entry>
        </Map>
      </Attributes>
    </Field>
    <Field displayName="Manager" dynamic="true" name="Field_5" postBack="true" required="true" type="string">
      <Attributes>
        <Map>
          <entry key="hidden">
            <value>
              <Script>
                <Source>import sailpoint.object.Field;

                  Field f1 = form.getField("Field_1");
                  String f1value = f1.getValue();
                  boolean hideField = false;

                  if(!("Others".equalsIgnoreCase (f1value))) {

                  hideField= true; 
                  field.setRequired(false);
                  }
                  else {

                  field.setRequired(true);
                  }
                  return hideField;</Source>
              </Script>
            </value>
          </entry>
        </Map>
      </Attributes>
      <Script>
        <Source>import sailpoint.object.*;
          import sailpoint.tools.Util;

          String managerName="";

          Object field3=form.getField("Field_3").getValue();

          if(field3!=null){

          String identityId=(String)field3;

          if(Util.isNotNullOrEmpty(identityId)){

          Identity idenObj = context.getObjectByName(Identity.class, identityId);
          if (idenObj != null)
          {
          if(idenObj.getAttribute("hrsupervisorname")!=null)
          managerName=idenObj.getAttribute("hrsupervisorname");
          }
          }
          } 
          return managerName;</Source>
      </Script>
    </Field>
  </Section>
  <Section label="Application Name" name="Section 2">
    <Field displayName="Select" dynamic="true" name="Field_6" postBack="true" required="true" type="Application"/>
    <Field displayName="Select Account" dynamic="true" multi="true" name="Field_7" postBack="true" required="true" type="string">
      <AllowedValuesDefinition>
        <Script>
          <Source>
import sailpoint.object.*;
 import java.util.List;
import java.util.ArrayList;
import sailpoint.object.Application;
import sailpoint.object.Identity;
import sailpoint.object.Link;
import sailpoint.object.QueryOptions;
import sailpoint.object.Filter;
import java.util.Iterator;
import java.util.Collections;
import sailpoint.api.IdentityService;
 
            List accountNames = new ArrayList();
			List identityList = new ArrayList();
			IdentityService is = new IdentityService(context);
            String applicationName = form.getField("Field_6").getValue();
            Application App = context.getObjectById(Application.class, applicationName);
            
            QueryOptions qp = new QueryOptions();
            qp.addFilter(Filter.eq("lastname","NPIdentity"));
            Iterator it = context.search(Identity.class,qp);
            while ( it.hasNext() ) { 
            Identity identity = (Identity)it.next();
            if(null != identity @and identity.getManager() != null) { 
            identityList.add(identity);
            }
            }
			for(Identity id:identityList){
			
			List links= is.getLinks(id,App);
			if(null !=links @and links.size()>0){
			for(Link link:links){
			if(!link.isDisabled())
			accountNames.add(link.getDisplayName());
			}
			
			}
			
			}
			
            
			return accountNames;

              </Source>
        </Script>
      </AllowedValuesDefinition>
    </Field>
    <Field displayName="Add or Remove Role" name="Field_8" postBack="true" required="true" type="string">
      <AllowedValuesDefinition>
        <Value>
          <List>
            <String>Add</String>
            <String>Remove</String>
          </List>
        </Value>
      </AllowedValuesDefinition>
    </Field>
    <Field displayName="Roles" dynamic="true" multi="true" name="Field_9" postBack="true" required="true" type="Bundle">
      <AllowedValuesDefinition>
        <Script>
          <Source>
            import sailpoint.tools.Util;
            import sailpoint.object.Bundle;
            import sailpoint.object.QueryOptions;
            import sailpoint.object.Filter;

            List roleList= new ArrayList();
            QueryOptions ops=new QueryOptions();
            ops.addFilter(Filter.eq("type","SAP"));
            Iterator it = context.search(Bundle.class, ops); 
            while ( (null != it) &amp;&amp; (it.hasNext()) ) { 
            Bundle record = (Bundle)it.next(); 
            roleList.add(record.getName()) ;
            }
            return roleList;
          </Source>
        </Script>
      </AllowedValuesDefinition>
      <Attributes>
        <Map>
          <entry key="hidden">
            <value>
              <Script>
                <Source> import sailpoint.object.Field;

                  Field f8 = form.getField("Field_8");
                  String f8value = f8.getValue();
                  boolean hideField = false;

                  if(!("Add".equalsIgnoreCase (f8value))) {

                  hideField= true; 
                  field.setRequired(false);
                  }
                  else {

                  field.setRequired(true);
                  }
                  return hideField;</Source>
              </Script>
            </value>
          </entry>
        </Map>
      </Attributes>
    </Field>
    <Field displayName="Roles" dynamic="true" multi="true" name="Field_10" postBack="true" required="true" type="Bundle">
      <Attributes>
        <Map>
          <entry key="hidden">
            <value>
              <Script>
                <Source> import sailpoint.object.Field;

                  Field f8 = form.getField("Field_8");
                  String f8value = f8.getValue();
                  boolean hideField = false;

                  if(!("Remove".equalsIgnoreCase (f8value))) {

                  hideField= true; 
                  field.setRequired(false);
                  }
                  else {

                  field.setRequired(true);
                  }
                  return hideField;</Source>
              </Script>
            </value>
          </entry>
        </Map>
      </Attributes>
    </Field>
  </Section>

enistri_devo · October 2, 2024, 5:54am

Hi @pctripathi,

In Select Account field, you can read the current user with context.getUserName() and the filter qp.addFilter(Filter.eq("manager.name",context.getUserName()));.
Choose if you add this filter with in and/or clause.

In “Roles” you can read the entitlements of given account with getEntitlements() on link:

or, read the bundles on the identity:

pctripathi · October 3, 2024, 1:54pm

Hi @enistri_devo
I am done with the filter criteria for Application Field.

I tried writing script for role but its not reflecting desired result.
I am sharing the filter Script for one field that is Field_9 for Add radio button.
Please check if there are any issues

<Field displayName="Roles" dynamic="true" multi="true" name="Field_9" postBack="true" required="true" type="Bundle">
<AllowedValuesDefinition>
<Script>
<Source>
import sailpoint.tools.Util;
import sailpoint.object.Bundle;
import sailpoint.object.Application;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

    List roleList = new ArrayList();

    // Retrieve the selected application name from Field_6
    String selectedAppName = form.getFieldValue("Field_6");

    if (selectedAppName != null &amp;&amp; !selectedAppName.isEmpty()) {
      // Get the Application object for the selected application name
      Application selectedApp = context.getObjectByName(Application.class, selectedAppName);

      if (selectedApp != null) {
        // Get the bundles for the selected application
        List bundles = selectedApp.getBundles();

        // Filter the bundles by type "SAP"
        for (Bundle bundle : bundles) {
          if ("SAP".equals(bundle.getType())) {
            roleList.add(bundle.getName());
          }
        }
      }
    }
    return roleList;
  </Source>
</Script>
</AllowedValuesDefinition>
</Field>

enistri_devo · October 5, 2024, 5:34am

First of all, application doesnt have getBundles() method.
If you put all roles correlate with SAP, you must search those roles.

For searching a bundle correlate to an application you must search in own profile and you can use Advance Analitycs for building this filter:

Later you can use a string buffer(or other methods) to buildthe filter and search:

StringBuffer sb = new StringBuffer();
sb.append("id.subquery(sailpoint.object.BundleProfileRelation, \"bundleId\", \"sourceApplication.name == \"");
sb.append(appName);
sb.append("\")");

qo = new QueryOptions();
qo.addFilter(Filter.compile(sb.toString()));

Iterator = context.search(Identity.class, qo);

pctripathi · October 7, 2024, 9:12am

Hi @enistri_devo
Any problem in this one now. Can’t find error in this one but receiving system error while selecting application.

 import sailpoint.object.QueryOptions;
            import sailpoint.object.Filter;
            import sailpoint.object.Bundle;
            import java.util.List;
            import java.util.ArrayList;
            import java.util.Iterator;

            List roleList = new ArrayList();
            String appName = form.getField("Field_6").getValue(); // Get the selected application

            if (appName != null &amp;&amp; !appName.isEmpty()) {
            // Build filter string using StringBuffer
            StringBuffer sb = new StringBuffer();
            sb.append("id.subquery(sailpoint.object.BundleProfileRelation, \"bundleId\", \"sourceApplication.name == '");
            sb.append(appName);
            sb.append("'\")");

            QueryOptions qo = new QueryOptions();
            qo.addFilter(Filter.compile(sb.toString())); // Add the filter to QueryOptions
            qo.addFilter(Filter.eq("type", "SAP")); // Additional filter for SAP roles

            Iterator it = context.search(Bundle.class, qo); // Search for matching roles
            while (it.hasNext()) {
            Bundle role = (Bundle) it.next();
            roleList.add(role.getName()); // Add each role name to the list
            }
            }

            return roleList; // Return the filtered list of roles

system · December 6, 2024, 9:13am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Show particular accounts that are under me IIQ Discussion and Questions workflows , identityiq , forms	19	36	October 28, 2024
Filter Account by last name from Application IIQ Discussion and Questions workflows , identityiq , forms	10	47	November 19, 2024
View all existing accounts in a dropdown field of a sailpoint iiq form IIQ Discussion and Questions workflows , identityiq	9	75	September 23, 2024
Get filtered Identity in dropdown field IIQ Discussion and Questions workflows , identityiq , forms	6	49	October 19, 2024
Filter Identities based on last name IIQ Discussion and Questions workflows , identityiq , forms	6	48	November 4, 2024

Filtering Account Field

Related topics