Modify OOTB identity entitlements detail report

IdentityIQ (IIQ) IIQ Community Knowledge Base
,
1

The OOTB Identity Entitlements Detail Report shows all the Users in the Search, so if we want to modify this report and show only the Direct reportee of the logged in user, we need to modify the existing form which is used in this report “Identity Entitlements Report Search Fields”,
Go to Debug page and search for the form “Identity Entitlements Report Search Fields”, Now in we need to replace

<Field displayName="identities" helpKey="help_rept_identity_entitlement_identities" multi="true" name="identity" value="ref:identity"/>

with

    <Field displayName="identities" helpKey="help_rept_identity_entitlement_identities" multi="true" name="identity" value="ref:identity">
      <AllowedValuesDefinition>
        <Script>
          <Source>
            import sailpoint.object.*;
            import java.util.*;
            import org.apache.log4j.Logger;


            String idName = context.getUserName();
            List identityList3 = new ArrayList();
            QueryOptions qo = new QueryOptions();
            qo.addFilter(Filter.eq("manager.name", idName));
            List identityList = context.getObjects(Identity.class, qo);


            for(Identity id : identityList){
            List identityList2 = new ArrayList();
            identityList2.add(id.getId());
            identityList2.add(id.getName());

            identityList3.add(identityList2);
            }
            return identityList3;
          </Source>
        </Script>
      </AllowedValuesDefinition>
    </Field>

OOTB Identity Entitlements Detail Report shows all the Application in the Search, so if we want to modify this report and show only the Application which has application owner as the logged in user, we need to modify the existing form which is used in this report “Identity Entitlements Report Search Fields”,

Go to Debug page and search for the form “Identity Entitlements Report Search Fields”, Now in we need to replace

<Field displayName="applications" helpKey="help_rept_identity_entitlement_applications" multi="true" name="application" type="Application" value="ref:application"/>

with

<Field displayName="applications" helpKey="help_rept_identity_entitlement_applications" multi="true" name="application" type="Application" value="ref:application">
      <AllowedValuesDefinition>
        <Script>
          <Source>
            import sailpoint.api.SailPointContext;
            import sailpoint.object.Application;
            import sailpoint.object.Identity;
            import sailpoint.object.QueryOptions;
            import sailpoint.api.ObjectUtil;
            import sailpoint.object.Filter;

            String idName = context.getUserName();
            List appList3 = new ArrayList();

            if (idName != null)
            {
            QueryOptions ao = new QueryOptions();
            ao.addFilter(Filter.eq("owner.name",idName));
            List appList=context.getObjects(Application.class, ao);
            for(Application app : appList){
            List appList2 = new ArrayList();
            appList2.add(app.getId());
            appList2.add(app.getName());

            appList3.add(appList2);
            System.out.println("*****"+ app.getId() + "*********" + app.getName());
            }
            }
            return appList3;
          </Source>
        </Script>
      </AllowedValuesDefinition>
    </Field>
2 Likes
2

thanks @vishal_kejriwal1 for sharing the report, it will be very useful.

3

Thanks @pravin_ranjan . I am glad that you find this useful.

4

@pravin_ranjan
I would prefer to use the query parameters to customize the data which is being shown. As your requirement is to show the direct reportees and application where the owner is the logged in user, just change the query parameters.

<DataSource objectType="IdentityEntitlement" type="Filter">
<QueryParameters>
<Parameter argument="identity" property="identity.id">
<QueryScript>
      <Source>
          import sailpoint.object.Filter;
          import sailpoint.object.IdentityEntitlement.AggregationState;
          import sailpoint.tools.Util;
                String loggedUser = context.getUserName();
                queryOptions.addFilter(Filter.eq("identity.manager.name", loggedUser));
                return queryOptions;
      </Source>
    </QueryScript>
  </Parameter>
<Parameter argument="identity" property="identity.id">
<QueryScript>
      <Source>
          import sailpoint.object.Filter;
          import sailpoint.object.IdentityEntitlement.AggregationState;
          import sailpoint.tools.Util;
                String loggedUser = context.getUserName();
                queryOptions.addFilter(Filter.eq("application.owner.name", loggedUser));
                return queryOptions;
      </Source>
    </QueryScript>
  </Parameter>
**

> //keep the other query parameters as it is.

**
</QueryParameters>
</DataSource>

The above code will have multiple benefits.

  1. It will show only the filtered results in the “Identities” and “Applications” search fields under “[Identity Entitlements Report Arguments]”
  2. The report results will populate filtered results.
  3. Performance will be much faster compared to filtering the data in each column.
  4. No unnecesssary data.
  5. In case you want to have more filters on top if it, can be done in the UI (small set of drop down values).

Hope this helps.

5

@vishal_kejriwal1 Thank you. this is helpful