Monday, January 25, 2021

SailPoint IIQ - Script to generate certification from a workflow

import java.util.List;

import java.util.ArrayList;

import sailpoint.object.Identity;

import sailpoint.api.CertificationScheduler;

import sailpoint.object.CertificationSchedule;

import sailpoint.object.CertificationDefinition;

import sailpoint.object.TaskSchedule;

import sailpoint.object.Certification;

import sailpoint.api.Correlator; 

import sailpoint.task.CertificationExecutor.CertifierSelectionType;


//

// requestor = user who made the request

// identity = user to be certified

//

  

Identity requestor = context.getObject(Identity.class, launcher);  

System.out.println("Change requested by " + requestor.getName()); 

Identity identity = context.getObject(Identity.class, event.getIdentityName());

System.out.println("Building certification for " + identity.getName());


//

// Identities to certify: 

//


List identities = new ArrayList();

identities.add(identity.getName());


//

// Certification Group Owner

//


Identity certGroupOwner = context.getObjectByName(Identity.class, "spadmin");


//

// Get department user is moving to

//

String department = event.getObject().getAttribute("department");


// 

// Set sertifier based on department

//

Correlator correlator = new Correlator(context); 

Identity certifier = null;


if ( department != null && department.equals("IT Management") ) {   

   certifier = correlator.findIdentityByAttribute("name", "Mary.Johnson"); 

} else {

   certifier = correlator.findIdentityByAttribute("name", "spadmin"); 

}

System.out.println("Certification will be done by " + certifier.getName());


//

// Schedule Certification

//

// Create new Scheduler object

// 


CertificationScheduler scheduler = new CertificationScheduler(context);


//

// Create schedule and set to run now...

//

CertificationSchedule schedule = scheduler.initializeScheduleBean(requestor, Certification.Type.Identity);

schedule.setRunNow(true);


//

// Configure Certification Definition

//


CertificationDefinition definition = schedule.getDefinition();

definition.setCertifierSelectionType(CertificationDefinition.CertifierSelectionType.Manual);

definition.setProcessRevokesImmediately(true);


definition.setNameTemplate("Department Transfer for " + identity.getDisplayName() + ": assigned to " + certifier.getDisplayName());

definition.setShortNameTemplate("Dept xfer for " + identity.getDisplayName());

definition.setName("Department Transfer : " + identity.getDisplayName() + " [" + new Date().toString() + "]");

definition.setIdentitiesToCertify(identities);

definition.setCertifierName(certifier.getName());

definition.setCertificationOwner(certGroupOwner);

definition.setCertificationNameTemplate("Department Transfer: " + identity.getDisplayName());


//

// Schedule task to run, passing in schedule (which has certficiaton defintion attached)

//


TaskSchedule taskSchedule = scheduler.saveSchedule(schedule, false);

No comments:

Post a Comment