Velocity transform displays old info?

Hello,

I’m not a Java expert, but here is my best explanation of a weird issue

I have a velocity transform:
$identity.getRoleAssignments())

This pulls values like this:
RoleAssignment[id=2c78e7c111b84edaaasdfa2ac42b5f6a3,source=Rule,roleName=IAM Administrator [cloudRole-1632854302624]]

The problem is… the ‘name’ being displayed is an old version, like a behind the scenes, cc or v1, version of the name perhaps?
ISC and V3 API’s show a different value for the name.

I added “requiresPeriodicRefresh”: “true”
to the transform, but that’s not the issue. It’s pulling a name value which was updated years ago.

Do you have any suggestions, maybe a way I can refresh the data to the newest? Or a different Java… Method (is that the right jargon?)

I’ve used the following snippet to check if an identity has a particular role:

#foreach($role in $identity.getAssignedRoles())#if($role.getDisplayName() == 'Example Role Name')true#break#end#end

This uses a slightly different Java method on the Identity compared to what you are using now, but the values returned by the getDisplayName() method on each returned Bundle (Role) are the current friendly names of the roles the identity has.

3 Likes

you are fantastic, thank you for sharing that.

My brain still doesn’t fully understand how or why this works better… maybe the
getDisplayName() could be used with the getRoleAssignments()) too… but… I tested and yours definitely works so that’s good enough for me!

1 Like

For some additional context, getAssignedRoles() returns a list of Bundle objects, whereas getRoleAssignments() returns a list of RoleAssignment objects. The public ISC Javadoc is pretty limited compared to the IdentityIQ Javadoc (which is not publicly available), but they represent different things in the backend. Bundles in this java model roughly translate to Roles, which is what we want here.

1 Like