I want to write a rule for those identities which have not done any certification in last 90 days.if there is any identities then it will violating that policy

IdentityIQ (IIQ) IIQ Discussion and Questions
, ,
1

I have right this code some help to check if this ok or should I change something. i did not try this

import sailpoint.object.Identity;
import sailpoint.object.Link;
import java.util.Date;
import sailpoint.object.Policy;
import sailpoint.object.PolicyViolation;
import sailpoint.object.CertificationLink;
import sailpoint.api.IdentityService;
import sailpoint.tools.GeneralException;
import sailpoint.tools.Message;
import java.text.SimpleDateFormat;
import java.text.DateFormat;
import java.util.*;
/**
			
			*return a date 90 days before today.
			
			*/
private Date getDateNDaysAgo(int numDays) {
    Calendar cal = Calendar.getInstance();
    Date returnDate = null;
    cal.add(Calendar.DATE, -(numDays));
    returnDate = cal.getTime();
    return (returnDate);
}
/**
 * Checks if the first date is before the second date ignoring time.
 **/
public static boolean isBeforeDay(Date date1, Date date2) {
    if (date1 == null || date2 == null) {
        throw new IllegalArgumentException("The dates must not be null");
    }
    Calendar cal1 = Calendar.getInstance();
    cal1.setTime(date1);
    Calendar cal2 = Calendar.getInstance();
    cal2.setTime(date2);
    if (cal1 == null || cal2 == null) {
        throw new IllegalArgumentException("The dates must not be null");
    }
    if (cal1.get(Calendar.ERA) < cal2.get(Calendar.ERA)) return true;
    if (cal1.get(Calendar.ERA) > cal2.get(Calendar.ERA)) return false;
    if (cal1.get(Calendar.YEAR) < cal2.get(Calendar.YEAR)) return true;
    if (cal1.get(Calendar.YEAR) > cal2.get(Calendar.YEAR)) return false;
    return cal1.get(Calendar.DAY_OF_YEAR) < cal2.get(Calendar.DAY_OF_YEAR);
}
CertificationLink certificationLink = identity.getLatestCertification();
System.out.println("Latest Certification Link of Identity: " + certificationLink);
Date certificationCompletionDate = certificationLink.getCompleted();
//throwing Null at the above line 
Date testDate = getDateNDaysAgo(90);
if (isBeforeDay(certificationCompletionDate, testDate)) {
    v = new PolicyViolation();
    v.setActive(true);
    v.setIdentity(identity);
    v.setPolicy(policy);
    v.setConstraint(constraint);
    v.setDescription("[Last Login Date is more than 90 days ago.]");
    v.setStatus(sailpoint.object.PolicyViolation.Status.Open);
}
return v;
}
2

Hi @lakshji17,

about calculating the difference between date you can use this:

DateTimeFormatter dtf = DateTimeFormatter.ofPattern("dd MM yyyy");
LocalDateTime date1 = LocalDate.parse("stringdate1", dtf);
LocalDateTime date2 = LocalDate.parse("stringdate2", dtf);
long diffDays = Duration.between(date1, date2).toDays();

and why dont you use a policy? You can create an advanced policy and use a rule that detect the difference of days:

image
image362×526 11.9 KB

1 Like
3

Hi @lakshji17,

You can utilize the following code to calculate the difference between two dates and create policyviolation.

                       import sailpoint.object.Identity;
                    import java.time.format.DateTimeFormatter;
                    import java.time.LocalDate;
                    import java.text.SimpleDateFormat;
                    import java.text.ParseException;
                    import java.util.Date;
                    import sailpoint.object.PolicyViolation;
					
					
                    boolean result = false;
                    Date certDate=null;
                    LocalDate now = LocalDate.now();
                    LocalDate then = now.minusDays(90);   
                    CertificationLink certLink = identity.getLatestCertification();
                    if(null != certLink){
                    certDate =  certLink.getCompleted();
                    }
                    String formatDate = new SimpleDateFormat("MM/dd/yyyy").format(certDate);                   
                    LocalDate logon = LocalDate.parse(formatDate, DateTimeFormatter.ofPattern("MM/dd/yyyy")); 
                    result = logon.isBefore(then);  
                    

  if(result){	
	PolicyViolation v = null;
	v = new PolicyViolation();
	v.setActive(true);
	v.setIdentity(identity);
	v.setPolicy(policy);
	v.setConstraint(constraint);
	v.setStatus(sailpoint.object.PolicyViolation.Status.Open);
	return v;
}
4

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.