Friday, January 30, 2015

OIM 11G R2 PS2 (11.1.2.2.0) Publishing Role to an Organization using OIM API

In this post, I will talk about the API which lets you publish a role or an app instance to a particular organization.

public void addPublication(String roleKey, String orgKeyIntValue) {
        EntityPublicationService eps = Platform
                .getService(EntityPublicationService.class);

        EntityPublication ep = new EntityPublication(roleKey,
                PolicyConstants.Resources.ROLE, Long.parseLong(orgKeyIntValue),
                true);

        List<EntityPublication> epl = new ArrayList<EntityPublication>();

        epl.add(ep);

        eps.addEntityPublications(epl);

    }





What the above will do is take a role and publish it to specific organization specified here by organization key.

Removing(Unpublishing) is far more complicated as you will have to get the publication ID

public void removePublication(String roleKey, String orgKey,
            String roleName, String newOrgKey) {
        HashMap hm = new HashMap();

        hm.put("STARTROW", 0);

        hm.put("ENDROW", 1);

        EntityPublicationSearchCriteria epsc = new EntityPublicationSearchCriteria();

        epsc.setRoleName(roleName);

        epsc.setEntityId(roleKey.toString());

        epsc.setEntityType(PolicyConstants.Resources.ROLE);

        epsc.setScopeId(orgKey);

        EntityPublicationService eps = Platform
                .getService(EntityPublicationService.class);

        List<EntityPublication> epl = eps.search(epsc, null);

        for (EntityPublication ep : epl) {

            Long pubId = ep.getEntityPublicationId();

            EntityPublication ep2 = new EntityPublication(roleKey,
                    PolicyConstants.Resources.ROLE, newOrgKey, true);

            ep2.setEntityPublicationId(pubId);

            epl.add(ep);

            eps.removeEntityPublications(epl, true);

        }

    }

Thursday, January 22, 2015

OIM 11G R2 PS2 : RequestDataValidator Plugin

In this post, I will talk about a custom RequestDataValidator plugin which is used for custom validation of request data after submission. Please remember that it is used after request submission and not before or during the request submission.


I will provide below the sample implementation

You can attach the data validation anywhere you get the form or request data.

import java.util.Iterator;
import java.util.List;

import oracle.iam.request.exception.InvalidRequestDataException;
import oracle.iam.request.plugins.RequestDataValidator;
import oracle.iam.request.vo.Beneficiary;
import oracle.iam.request.vo.RequestBeneficiaryEntity;
import oracle.iam.request.vo.RequestBeneficiaryEntityAttribute;
import oracle.iam.request.vo.RequestData;


public class RequestDataValidatorPlugin implements RequestDataValidator{

    @Override
    public void validate(RequestData requestdata) throws InvalidRequestDataException {
        List<Beneficiary> beneficiaries = requestdata.getBeneficiaries();
        List<RequestBeneficiaryEntity> beneficiaryEntities = null; 
        List<RequestBeneficiaryEntityAttribute> beneficiaryEntityAttributes = null;
         for (Beneficiary beneficiary : beneficiaries){
             beneficiaryEntities = beneficiary.getTargetEntities();
             for (RequestBeneficiaryEntity beneficiaryEntity : beneficiaryEntities) {
                 beneficiaryEntityAttributes = beneficiaryEntity.getEntityData();
                 for (RequestBeneficiaryEntityAttribute requestBeneficiaryEntityAttribute : beneficiaryEntityAttributes){
                      System.out.println("requestBeneficiaryEntityAttribute.getName()--->"+requestBeneficiaryEntityAttribute.getName());
                      System.out.println("requestBeneficiaryEntityAttribute.getValue()--->"+requestBeneficiaryEntityAttribute.getValue());
                      if(requestBeneficiaryEntityAttribute.hasChild()){
                          List <RequestBeneficiaryEntityAttribute> childRequestBeneficiaryEntityAttributes = requestBeneficiaryEntityAttribute.getChildAttributes();
                          Iterator iterator = childRequestBeneficiaryEntityAttributes.iterator();
                          while(iterator.hasNext()){
                              RequestBeneficiaryEntityAttribute childAttribute =(RequestBeneficiaryEntityAttribute)iterator.next();
                              System.out.println("childAttribute.getName()--->"+childAttribute.getName());
                              System.out.println("childAttribute.getValue()--->"+childAttribute.getValue());
                             
                          }
                      }
                 }
             }
         }
       
    }

}

Monday, January 5, 2015

OIM 11G R2 PS2 : StatusChangeEvent Plug-in

In this post, I will talk about the StatusChangeEvent plugin which allows running of custom code during request status change.

This plugin can be used to look the request data and perform any necessary actions  based on the status of a request.

I will provide here some sample implementation and hook point on how to use it.

import java.util.Date;
import java.util.List;

import oracle.iam.identity.exception.NoSuchUserException;
import oracle.iam.identity.exception.UserLookupException;
import oracle.iam.identity.usermgmt.api.UserManager;
import oracle.iam.identity.usermgmt.vo.User;
import oracle.iam.platform.Platform;
import oracle.iam.platform.authz.exception.AccessDeniedException;
import oracle.iam.request.api.RequestService;
import oracle.iam.request.exception.NoRequestPermissionException;
import oracle.iam.request.exception.RequestServiceException;
import oracle.iam.request.plugins.StatusChangeEvent;
import oracle.iam.request.vo.Beneficiary;
import oracle.iam.request.vo.Request;

public class StatusChangeEventPlugin implements StatusChangeEvent {

    @Override
    public void followUpActions(String requestID) {

        try {
            RequestService requestService = Platform
                    .getService(RequestService.class);
            Request request = requestService.getBasicRequestData(requestID);
            Date exDate = request.getExecutionDate();
            String requestModelName = request.getRequestModelName();
            List<Beneficiary> beneficiaries = request.getBeneficiaries();
            UserManager userManager = Platform
                        .getService(UserManager.class);
            for (Beneficiary beneficiary : beneficiaries) {
                String usrKey = beneficiary.getBeneficiaryKey();// usr_key
               
                User user = userManager.getDetails(usrKey, null, false);
                Date date = user.getCreationDate();
                // Update Request
                request.setExecutionDate(date);
                request.setJustification("Justified by system");
            }
        } catch (RequestServiceException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (NoRequestPermissionException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (NoSuchUserException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (UserLookupException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (AccessDeniedException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }

    }

}