Hello Experts,
Please help me in below code as this leaver disable is running for old records too. I made some changes “New addition” to handle rehire’s exit.
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule created="1471274124177" id="1339a046568ec45b01568ec583910095" language="beanshell" modified="1641196888311" name="mycompany-IdentitySelector-LeaverDisableTrigger" type="IdentitySelector">
<ReferencedRules>
<Reference class="sailpoint.object.Rule" id="1339a046568ec45b01568ec57126006c" name="mycompany LifeCycle Rules Library"/>
</ReferencedRules>
<Signature returnType="boolean">
<Inputs>
<Argument name="log">
<Description>
The log object associated with the SailPointContext.</Description>
</Argument>
<Argument name="context">
<Description>
A sailpoint.api.SailPointContext object that can be used to query the database if necessary.</Description>
</Argument>
<Argument name="identity" type="Identity">
<Description>
The identity.</Description>
</Argument>
</Inputs>
<Returns>
<Argument name="success">
<Description>
True if the selection was successful; false otherwise.</Description>
</Argument>
</Returns>
</Signature>
<Source>
import sailpoint.object.Identity;
import sailpoint.tools.Util;
import sailpoint.object.QueryOptions;
import sailpoint.object.Filter;
import sailpoint.object.IdentityRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import java.util.Date; // New addition
import java.time.Duration; // New addition
import java.time.Instant; // New addition
private static Log logger = LogFactory.getLog("rule.mycompany.LCE");
logger.debug("mycompany-IdentitySelector-LeaverDisableTrigger :: Start");
boolean retFlag = false;
// Check if the IdentityRequest has already been created for this user
try {
Integer days = 1; // No of days duration - New addition
String targetId = identity.getId();
QueryOptions qo = new QueryOptions();
qo.add(new Filter[] { Filter.eq("targetId", targetId) });
qo.add(new Filter[] { Filter.eq("type", "SSF LeaverDisable") });
//qo.add(new Filter[] { Filter.ne("executionStatus", "completed") });
Date recentDateThreshold = Date.from(Instant.now().minus(Duration.ofDays(days))); // New addition
qo.add(new Filter[] { Filter.gt("created", recentDateThreshold ) }); // New addition
int totalRequests = context.countObjects(IdentityRequest.class, qo);
if (totalRequests > 0) {
// if (totalRequests > 3) {
logger.debug("Found a open identity request for this user, totalRequests = " + totalRequests);
return false;
}
} catch (Exception e) {
logger.fatal("Exception during mycompany-IdentitySelector-LeaverDisableTrigger, Exception = " + e.getMessage());
}
if(identity != null) {
logger.debug("Disable Trigger - Identity = " + identity.getName());
//Fix to not process old records
List links = identity.getLinks();
if (links != null) {
logger.debug("Number of Apps : " + links.size());
if (links.size() <= 1){
logger.debug("Old record - no need to process");
return false;
}
}
String status = identity.getAttribute("Status");
logger.debug("status = " + status);
String rStatus = identity.getAttribute("EmploymentStatus");
logger.debug("rStatus = " + rStatus);
if(((null != status) && ("Terminated".equalsIgnoreCase(status)) && (null != rStatus) && ("T".equalsIgnoreCase(rStatus)))||
((null != status) && ("Retired".equalsIgnoreCase(status)) && (null != rStatus) && ("R".equalsIgnoreCase(rStatus)))){
String termDate = identity.getAttribute("TerminationDate");
String disableDelete;
if (!Util.isNullOrEmpty(termDate)) {
if (!moreThan30Days(termDate)) {
retFlag = true;
}
}
}
logger.debug("retFlag = " + retFlag);
}
logger.debug("mycompany-IdentitySelector-LeaverDisableTrigger :: End");
return retFlag;
</Source>
</Rule>