Hi All, we have an requirement that, when the user gets terminated at that time we need cancell all the pending access request to the user. Here, we are able to cancel the access reuest for automated apps but for disconnected apps it is getting generated manual workitem need to cancel that also.how can we acheive this, your inputs will be helpful. Thanks in advance.
You can try something like this from the leaver workflow -
This code looks for all open approval and manual fulfilment workitems associated to the terminated user and close/cancel them out.
import java.util.List;
import sailpoint.object.;
import sailpoint.api.;
import sailpoint.tools.*;
Identity identity = context.getObjectByName(Identity.class, identityName);
if (null != identity) {
//log.debug(“Starting query for workitems”);
String idname = identity.getName();
String desc = "Manual Changes requested for User: " +identity.getDisplayName();
String desc2="Owner Approval - Account Changes for User: " +identity.getDisplayName();
//log.debug(“Description =” +desc);
Filter f1 = Filter.or(Filter.eq(“description”, desc), Filter.eq(“description”, desc2));
QueryOptions ops = new QueryOptions();
ops.addFilter(f1);
List items=context.getObjects(WorkItem.class,ops);
if(!items.isEmpty()) {
for (WorkItem item:items) {
item.setState(WorkItem.State.Canceled);
item.setCompleter("spadmin");
item.setCompletionComments("Cancelled due to user termination");
Workflower workflower = new Workflower(context);
workflower.process(item, false);
context.decache(item);
}
}
} else {
log.error("Remove WorkItem Step – identity is null ");
}
Hope this is what you were looking for.
Hi @akash_gupta , thank you for the rule. let me try this, hopefully it will work.
1 Like
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.