The code below checks only roles, not entitlements:
import java.util.List;
import sailpoint.tools.Util;
import java.util.ArrayList;
import sailpoint.object.Identity;
import sailpoint.object.Bundle;
import sailpoint.object.PolicyViolation;
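// Policy rule body: raises a PolicyViolation when one request adds more than
// 20 roles that the identity does not already hold. Only assigned roles are
// counted; entitlements are not examined.
// `identity`, `context`, `policy`, `constraint` and `log` are not declared in
// this snippet; presumably the rule runner supplies them (confirm against the
// rule signature).
log.debug("Inside (Add Access) Policy Violation");
PolicyViolation violation = null;
int maxNewRoles = 20;
try {
    // Work on a copy: removeAll() on the list returned by getAssignedRoles()
    // would strip roles from the Identity object under evaluation, which any
    // later check reading the same object would then see.
    List requestedRoles = new ArrayList();
    List reqIdRoles = identity.getAssignedRoles();
    if (reqIdRoles != null) {
        requestedRoles.addAll(reqIdRoles);
    }

    // Look up the stored identity. If none is found, nothing is subtracted and
    // every requested role counts as new.
    Identity dbIdentity = context.getObjectByName(Identity.class, identity.getName());
    List dbIdRoles = (dbIdentity != null) ? dbIdentity.getAssignedRoles() : null;
    if (dbIdRoles != null && !dbIdRoles.isEmpty()) {
        // NOTE(review): removeAll() relies on equals() of the role objects;
        // confirm that the same role read from both identities compares equal.
        requestedRoles.removeAll(dbIdRoles);
    }

    if (requestedRoles.size() > maxNewRoles) {
        violation = new PolicyViolation();
        violation.setActive(true);
        violation.setIdentity(identity);
        violation.setPolicy(policy);
        violation.setConstraint(constraint);
        violation.setDescription("You can not request for more that 20 request Items (Add Access) at a Time");
        violation.setStatus(sailpoint.object.PolicyViolation.Status.Open);
    }
    return violation;
}
catch (Exception e) {
    // NOTE(review): on error the rule reports no violation, so the limit is
    // not enforced for that request (same outcome as the original). Log through
    // the rule logger so the failure is visible in the application log rather
    // than only on stderr; decide with the policy owner whether an error
    // should block the request instead.
    log.error("(Add Access) policy rule failed; request limit was not evaluated", e);
}
return null;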