Hi There,
I’m trying to provision an entitlement called ‘roles-products.’ I can provision it individually or in bulk by submitting multiple entitlement requests at once. However, when it comes to an access profile, I am unable to provision an access profile that contains more than one entitlement of this type.
I am receiving an error stating that the entitlement has already been assigned. Despite the error, when I check the target system, the entitlement appears to have been provisioned, but it does not reflect back in the UI.
Note: This rule works fine when handling entitlements individually or in bulk. However, when provisioning through an access profile, the entitlement is provisioned and reflected in the target system, but I still receive the error. I’ve attached the error below.
code
import sailpoint.object.ProvisioningPlan;
import sailpoint.object.ProvisioningPlan.AccountRequest;
import sailpoint.object.ProvisioningPlan.AttributeRequest;
import sailpoint.tools.GeneralException;
import sailpoint.tools.xml.PersistentArrayList;
import org.apache.commons.lang3.StringUtils;
import java.util.List;
import java.util.Map;
import java.util.HashMap;
try {
Map payload = new HashMap();
if (provisioningPlan != null) {
log.info("Rule - Modify Body: plan is not null");
for (AccountRequest accReq : provisioningPlan.getAccountRequests()) {
log.info("Rule - Modify Body: iterating over account request");
for (AttributeRequest attReq : accReq.getAttributeRequests()) {
if ("roles-products".equalsIgnoreCase(attReq.getName())) {
Object value = attReq.getValue();
if (value instanceof PersistentArrayList) {
PersistentArrayList rolesProductList = (PersistentArrayList) value;
if (rolesProductList != null && !rolesProductList.isEmpty()) {
StringBuilder jsonStringBuilder = new StringBuilder();
jsonStringBuilder.append("[\r\n");
for (int i = 0; i < rolesProductList.size(); i++) {
String roleProduct = (String) rolesProductList.get(i);
String[] parts = roleProduct.split(":");
if (parts.length == 2) {
String roleId = parts[0].trim();
String productId = parts[1].trim();
jsonStringBuilder.append("{\r\n");
jsonStringBuilder.append("\"roleId\": ").append(roleId).append(",\r\n");
jsonStringBuilder.append("\"productId\": \"").append(productId).append("\"\r\n");
if (i < rolesProductList.size() - 1) {
jsonStringBuilder.append("},\r\n");
} else {
jsonStringBuilder.append("}\r\n");
}
} else {
log.error("Invalid format in roles-products value: " + roleProduct + ", expected 'role:product'");
throw new GeneralException("Invalid roles-products format, expected 'role:product' but found: " + roleProduct);
}
}
jsonStringBuilder.append("]");
String jsonBody = jsonStringBuilder.toString();
payload.put("jsonBody", jsonBody);
log.info("Payload set for account request: " + jsonBody);
requestEndPoint.setBody(payload);
} else {
log.error("roles-products list is empty or null for account request.");
throw new GeneralException("roles-products list is empty or null for account request.");
}
} else if (value instanceof String) {
String roleProduct = (String) value;
String[] parts = roleProduct.split(":");
if (parts.length == 2) {
String roleId = parts[0].trim();
String productId = parts[1].trim();
StringBuilder jsonStringBuilder = new StringBuilder();
jsonStringBuilder.append("[\r\n");
jsonStringBuilder.append("{\r\n");
jsonStringBuilder.append("\"roleId\": ").append(roleId).append(",\r\n");
jsonStringBuilder.append("\"productId\": \"").append(productId).append("\"\r\n");
jsonStringBuilder.append("}\r\n");
jsonStringBuilder.append("]");
String jsonBody = jsonStringBuilder.toString();
payload.put("jsonBody", jsonBody);
log.info("Payload set for account request: " + jsonBody);
requestEndPoint.setBody(payload);
} else {
log.error("Invalid format in roles-products value: " + roleProduct + ", expected 'role:product'");
throw new GeneralException("Invalid roles-products format, expected 'role:product' but found: " + roleProduct);
}
} else {
log.error("Unexpected type for roles-products attribute value: " + value.getClass().getName());
throw new GeneralException("Unexpected type for roles-products attribute value: " + value.getClass().getName());
}
}
}
}
} else {
log.error("No account requests found in the provisioning plan.");
throw new GeneralException("No account requests found in the provisioning plan.");
}
log.info("Final payload for request: " + payload);
} catch (GeneralException e) {
log.error("Error processing provisioning plan", e);
throw new GeneralException("Error processing provisioning plan", e);
}
return requestEndPoint;
Thank you for taking the time to review this issue. I appreciate your assistance in helping me resolve this. Please let me know if you need any additional details or logs to investigate further.