As per the documentation of rapid setup the if leaver is configured to use a rule , it should return a list of account requests.
But it doens’t work with account request output, it is expecting output of the format ConfiguredLeaverRequest
Looks like a bug in the rapid setup class
Thanks,
Abhishek
Hey @abhishek_chowdhury, thanks for posting! Let us do some testing and we will see if we can confirm your insights.
After some investigation, it looks like this is a documentation bug. The product even ships with some sample Rapid Setup rules, and one of those sample rules is precisely a sample Leaver rule, which is incorrect, as this can confuse customers. Thank you for pointing this out, I will be sure to file a ticket and have this fixed in the documentation.
I’d like to add to this that the Rapid Setup documentation is kind of lacking in general. These types of rules as well as things like what arguments are passed to the email templates i.e. I have no idea what disableStaticManagerContent means and it’s no where in the documentation.
Can someone please post the “Leaver AccountRequests Rule” template here for the RapidSetup.
Hi,
This is the sample rule that is shipped with Rapid Setup:
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule created="1674480845556" id="0a081ca285cf1bd58185ded602f42434" language="beanshell" modified="1674481376364" name="Population Specific Leaver Rule" type="LeaverAccountRequests">
<Source>
/**
Example rule for leaver configuration. The following parameters are passed in:
context - a SailpointContext
identityName - the name of the identity that is leaving
appName - the name of the application for which the config is being requeested
nativeId - the native id of the account
requestType - terminate or leaver
mode - immediate or later
leaverPlanBuilder - the leaver plan builder
log - log object, used to write log messages
*/
import java.util.Map;
import java.util.List;
import java.util.HashMap;
import sailpoint.object.ProvisioningPlan;
import sailpoint.tools.Util;
import sailpoint.rapidsetup.plan.*;
Map additionalArgs = new HashMap();
additionalArgs.put("requestType", requestType);
// Create a composite configuration object, and pass in the default configuration provider (forEveryone)
LeaverAppConfigProvider provider = new CompositeConfigProvider(
LeaverConfigBuilder.forEveryone().
setRemoveEntitlements(appName, LeaverAppConfigProvider.OPT_MODE_LATER).
setEntitlementDelay(appName, 5).
build(context)
);
// Create the population specific configuration provider (forPopulation) and
// add it to the composite configuration object
provider.add(
LeaverConfigBuilder.forPopulation(context, "Asurion - Leaver Population").
setRemoveEntitlements(appName, LeaverAppConfigProvider.OPT_MODE_LATER).
setEntitlementDelay(appName, 3).
build(context)
);
// this returns the individual requests used in the provisioning plans using the passed in configuration objects
ConfiguredLeaverRequest configuredRequest = BasePlanBuilder.leaverPlan(context, identityName, additionalArgs, provider, leaverPlanBuilder.isTerminateIdentity()).
getAppRequests(context, identityName, appName, mode, nativeId);
// insert custom processing of leaver requests here
// this could be for example to add more complex entitlement exclusuion rules. Just replace
// the print statements below, with actual processing of the accountRequests.
// if no additional processing is required, just return configuredRequest
List accountRequests = configuredRequest.getAccountRequests();
// walk through the plan account requests and alter the details.
for(ProvisioningPlan.AccountRequest accountRequest : Util.safeIterable(accountRequests)) {
print("Account Op: " + accountRequest.getOperation() + " Application Name: " + accountRequest.getApplicationName());
print("Attribute request info ...");
for(ProvisioningPlan.AttributeRequest attributeRequest : Util.safeIterable(accountRequest.getAttributeRequests())) {
print(" Attribute Op: " + attributeRequest.getOp() + " Attribute Name: " +
attributeRequest.getName() + " Attribute Value: " + attributeRequest.getValue());
}
}
return configuredRequest;
</Source>
</Rule>