-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathIdentityAttribute.xml
115 lines (108 loc) · 3.96 KB
/
IdentityAttribute.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE sailpoint PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<sailpoint>
<Rule language="beanshell" name="Identity Attribute Template" type="IdentityAttribute">
<Description>
Identity attribute rules are used when the value is not simply a copy of an
application account attribute value. A transformation may be
necessary on the account attribute, or several account
attributes may need to be combined to produce the identity
attribute.
This rule can be called in two ways: as a global mapping rule and an
application mapping rule. A global mapping rule is called
whenever the identity is refreshed. The rule can look at any
account attributes. An application mapping rule is called only
when the identity contains an account link for that application,
this link is passed in the "link" argument which is not passed
in global mapping rules.
</Description>
<Signature returnType="String">
<Inputs>
<Argument name="context">
<Description>
A sailpoint.api.SailPointContext object that can be used to query
the database if necessary.
</Description>
</Argument>
<Argument name="log">
<Description>
The log object associated with the SailPointContext.
</Description>
</Argument>
<Argument name="environment" type="Map">
<Description>
Arguments passed to the aggregation or refresh task.
</Description>
</Argument>
<Argument name="identity">
<Description>
The Identity object that represents the user
that is being aggregated.
</Description>
</Argument>
<Argument name="attributeDefinition">
<Description>
The AttributeDefinition object for this attribute.
</Description>
</Argument>
<Argument name="link">
<Description>
The Link object from the Identity, if this is an application
mapping rule. For global mapping rules this will be void.
</Description>
</Argument>
<Argument name="attributeSource">
<Description>
The AttributeSource object.
</Description>
</Argument>
<Argument name="oldValue">
<Description>
The original value of the application account attribute.
</Description>
</Argument>
</Inputs>
<Returns>
<Argument name="attributeValue">
<Description>
The value of the attribute that should be populated.
The rule should return this value.
</Description>
</Argument>
</Returns>
</Signature>
<ReferencedRules>
<Reference class="sailpoint.object.Rule" name="Global Rule Library"/>
</ReferencedRules>
<Source>
<![CDATA[
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import sailpoint.api.SailPointContext;
import org.apache.commons.logging.Log;
import sailpoint.object.TaskResult;
import sailpoint.object.Attributes;
import sailpoint.object.Identity;
import sailpoint.object.AttributeDefinition;
import sailpoint.object.Link;
import sailpoint.object.AttributeSource;
import java.lang.String;
//Log mylogger = LogFactory.getLog("rule.IdentityAttribute");
//mylogger.debug("Start IdentityAttribute");
//add the following lines to IIQ Log4j properties file to use this logger
//logger.IdentityAttribute.name=rule.IdentityAttribute
//logger.IdentityAttribute.level=debug
//Available Input Variables
//environment;
//identity;
//attributeDefinition;
//link;
//attributeSource;
//oldValue;
//mylogger.debug("End IdentityAttribute");
//return String
return null;
]]>
</Source>
</Rule>
</sailpoint>