How should I get the user's selected entitlement in advanced policies?

Hi @rajeshs
Here the requirement is: if the ABC entitlement from the XYZ application is selected,

we need to check whether the selected user has the XYZ application or not.
a. If the user has the application, then allow the request.
b. If the user doesn't have the application link, then block him, saying "please raise request for “Role A” and get the account created".
Please check the code below. In this code I need to get the entitlement the user is selecting:
`futureIDExceptions=futureID.getExceptions();` - but I am getting the existing entitlement for that user. Can you please give any suggestions for this?

```java
import sailpoint.object.*;
import java.util.*;
import java.text.*;
import org.apache.log4j.Logger;
import org.apache.log4j.Level;

// `context`, `identity`, `policy` and `constraint` are supplied to the policy rule.
boolean roleViolation = true;
PolicyViolation violation = null;
String appName;
boolean isViolation = false;
boolean rasieRequest = false;
boolean hasApp = false;

Identity futureID = identity;
// Look up the stored identity before it is referenced in the null check below.
Identity existingID = null;
if (null != futureID) {
    existingID = context.getObjectByName(Identity.class, futureID.getName());
}

if (null != futureID && null != existingID) {
    List existingIDExceptions = new ArrayList();
    List futureIDExceptions = new ArrayList();

    // Does the stored identity already hold an account (link) on the application?
    List links = existingID.getLinks();
    if (links != null) {
        for (Link link : links) {
            if (link.getApplicationName().equals("Application Name")) {
                hasApp = true;
                break;
            }
        }
    }

    if (!hasApp) {
        if (null != futureID) {
            existingIDExceptions = existingID.getExceptions();
            // Per the question above, this call is returning the user's existing entitlements.
            futureIDExceptions = futureID.getExceptions();

            if (existingIDExceptions != null && existingIDExceptions.size() > 0) {
                for (EntitlementGroup entitlementGroup : existingIDExceptions) {
                    String entitlementAppName = entitlementGroup.getApplicationName();
                    if (entitlementAppName.equalsIgnoreCase("Application Name")) {
                        //rasieRequest = true;
                    }
                }
            }

            // Flag the request when an entitlement on the application is present.
            if (futureIDExceptions != null && futureIDExceptions.size() > 0) {
                for (EntitlementGroup entitlementGroup : futureIDExceptions) {
                    String entitlementAppName = entitlementGroup.getApplicationName();
                    if (entitlementAppName.equalsIgnoreCase("Application Name")) {
                        rasieRequest = true;
                    }
                }
            }

            if (rasieRequest) {
                // Build the violation that blocks the request and carries the message.
                String blockingMsg = "You cannot request Application Name Entitlement without Application Name";
                violation = new PolicyViolation();
                violation.setActive(true);
                violation.setIdentity(identity);
                violation.setPolicy(policy);
                constraint.setName(blockingMsg);
                violation.setConstraint(constraint);
                violation.setDescription(blockingMsg);
                violation.setStatus(sailpoint.object.PolicyViolation.Status.Open);
            }
        }
    }
}
return violation;
```
