Hello,
I am seeking a rule example on how to perform a two-level sign of rule for a certification event. Below is what we have been testing with as this is the out of the box rule. It notes “Once we get to the most senior manager, approvals stop.”. We just want this rule to perform a sign off of just the certifier’s manager and then stop. Currently it is looping through all the managers and asking for a sign off which I believe it is because it is forcing a muti-level sign off and not a two-level certification.
How can a two-level certification be done?
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule language="beanshell" name="Certification Sign Off Approver Rule" type="CertificationSignOffApprover">
<Description>
This rule is run when the certification is signed off to determine who
(if anyone) needs to approve the certification decisions. If this returns
a non-null identity, the certification is forwarded to the returned identity.
</Description>
<Signature returnType="Map">
<Inputs>
<Argument name='context'>
<Description>
A SailPointContext object used if its necessary
to query objects from the database.
</Description>
</Argument>
<Argument name="certification">
<Description>
The sailpoint.object.Certification that was signed.
</Description>
</Argument>
<Argument name="certifier">
<Description>
The sailpoint.object.Identity that signed the certification.
</Description>
</Argument>
</Inputs>
<Returns>
<Argument name='identityName'>
<Description>
The name of the Identity that should approve the certification. Either
this or 'identity' should be non-null if certification sign off approval
is desired.
</Description>
</Argument>
<Argument name='identity'>
<Description>
The Identity that should approve the certification. Either this or
'identityName' should be non-null if certification sign off approval
is desired.
</Description>
</Argument>
</Returns>
</Signature>
<Source>
import sailpoint.object.Identity;
// This requires approval all the up the manager hierarchy. Once we get to
// the most senior manager, approvals stop.
Identity identity = certifier.getManager();
Map results = new HashMap();
results.put("identity", identity);
return results;
</Source>
</Rule>