PeopleSoft HCM Provisioning Modify Rule
This section provides information about the provisioning rule in the XML file for the PeopleSoft HCM Source. By using this rule, you can modify the values of the following parameters:
-
E-mail
-
Phone
-
Birthplace
-
samAccountName
-
NetworkID and its associated attributes
-
Badge details
Peoplesoft HCM modify rule
Copy
import sailpoint.object.ProvisioningResult;
import sailpoint.object.ProvisioningPlan.AccountRequest.Operation;
import sailpoint.object.ProvisioningPlan.ObjectOperation;
import sailpoint.connector.peoplesoftv2.PeopleSoftAPI.ComponentInterface;
import sailpoint.object.ProvisioningPlan.AccountRequest;
import sailpoint.object.ProvisioningPlan.AttributeRequest;
import java.util.HashMap;
import sailpoint.connector.peoplesoftv2.PeopleSoftAPI;
import sailpoint.tools.Util;
import sailpoint.connector.ConnectorException;
import sailpoint.object.ResourceObject;
//Variables to read Plan operation
AccountRequest req = null;
Operation operation = null;
String failedOperations = null;
boolean error = false;
boolean isReset = false;
ProvisioningResult result = new ProvisioningResult();
List<AccountRequest> accountRequests = plan.getAccountRequests();
int size = accountRequests.size();
ComponentInterface ci = null;
ComponentInterface badgeCI = null;
String objectType = "account";
//This method is used for validating NULL values
public boolean checkIfNull(Object value , String attrName) {
boolean isError = false;
if(null == value){
error = true;
isError = true;
if (log.isErrorEnabled() )
log.error(attrName +" Field cannot be blank");
}
return isError;
}
//This method is used for initializing Component Interface
public boolean initCI(String accNativeIdentity) {
//provide CI name to get handle of the CI
//In this example 'CI_PERSONAL_DATA' is component interface provided out of box by PeopleSoft HRMS
//which is used for updating personal data.
ci = connector.getCIHandle("CI_PERSONAL_DATA");
//first set the property 'KEYPROP_EMPLID' with the corresponding EMPLID
ci.setPropertyByName("KEYPROP_EMPLID", accNativeIdentity);
boolean userExists = false;
// Get the employee record
if (null != ci) {
userExists = ci.get();
}
return userExists;
}
//This method is used for initializing BADGE Component Interface
public boolean initBadgeCI(String accNativeIdentity) {
badgeCI = connector.getCIHandle("BADGE");
//first set the property 'EMPLID' with the corresponding EMPLID
badgeCI.setPropertyByName("EMPLID", accNativeIdentity);
boolean userExists = false;
badgeCI.setGetHistoryItems(true);
badgeCI.setEditHistoryItems(true);
// Get the employee record
if (null != badgeCI) {
userExists = badgeCI.get();
}
return userExists;
}
//This function will modify the email address if recieved in the plan
public void doProvision() {
HashMap emailObj = new HashMap();
HashMap phoneObj = new HashMap();
HashMap iMChatObj = new HashMap();
HashMap badgeObjMap = new HashMap();
List<AccountRequest> accReqList = plan.getAccountRequests();
String accNativeIdentity = null;
String emailCollAttribute = null;
String phoneCollAttribute = null;
String iMChatCollAttribute = null;
if (!Util.isEmpty(accReqList)) {
int accReqListSize = accReqList.size();
for( AccountRequest accReq : accReqList ) {
if ( accReq.getApplication().equals( application.getName() ) ) {
accNativeIdentity = accReq.getNativeIdentity();
//Get the requests by passing schema attributes
AttributeRequest emailAttribReq = accReq.getAttributeRequest("EMAIL_ADDR");
AttributeRequest phoneAttribReq = accReq.getAttributeRequest("PHONE");
//MCF_IMUSERID is mapped with Network ID on the peopleSoft portal
//As Network ID is not provided OOTB, The "MCF_IMUSERID" need to be added in schema attribute of PeopleSoft HCM Database.
//The "MCF_IMUSERID" attribute can be mapped with samAccountName .Need to retrieve the NetworkID using BuildMap rule.
AttributeRequest networkIDAttribReq = accReq.getAttributeRequest("MCF_IMUSERID");
AttributeRequest networkIDDomainReq = accReq.getAttributeRequest("MCFIMDOMAIN");
AttributeRequest networkIDProtocolReq = accReq.getAttributeRequest("MCF_IM_PROTOCOL");
AttributeRequest networkIDPrefFlag = accReq.getAttributeRequest("PREF_CHATID_FLAG");
List<AttributeRequest> networkAttribReqs = new ArrayList<AttributeRequest>();
networkAttribReqs.add(networkIDAttribReq);
networkAttribReqs.add(networkIDDomainReq);
networkAttribReqs.add(networkIDProtocolReq);
networkAttribReqs.add(networkIDPrefFlag);
//BIRTHPLACE is a non-collection attriute
AttributeRequest simpleAttribReq = accReq.getAttributeRequest("BIRTHPLACE");
//Update Badge
AttributeRequest badgeTypeAttribReq = accReq.getAttributeRequest("BADGE_TYPE");
AttributeRequest badgeNumberAttribReq = accReq.getAttributeRequest("BADGE_NBR");
AttributeRequest badgeEffSeqAttribReq = accReq.getAttributeRequest("BADGE_EFFSEQ");
AttributeRequest badgeEffDateAttribReq = accReq.getAttributeRequest("BADGE_EFFDT");
AttributeRequest badgeEffStatusAttribReq = accReq.getAttributeRequest("BADGE_EFF_STATUS");
AttributeRequest badgeExpDateAttribReq = accReq.getAttributeRequest("BADGE_EXPIRATION_DATE");
AttributeRequest badgeCommentAttribReq = accReq.getAttributeRequest("BADGE_COMMENT");
List<AttributeRequest> badgeAttribReqs = new ArrayList<AttributeRequest>();
badgeAttribReqs.add(badgeTypeAttribReq);
badgeAttribReqs.add(badgeNumberAttribReq);
badgeAttribReqs.add(badgeEffSeqAttribReq);
badgeAttribReqs.add(badgeEffDateAttribReq);
badgeAttribReqs.add(badgeEffStatusAttribReq);
badgeAttribReqs.add(badgeExpDateAttribReq);
badgeAttribReqs.add(badgeCommentAttribReq);
try {
boolean userExists = initCI(accNativeIdentity);
boolean badgeUserExists = false;
if(null != badgeTypeAttribReq){
badgeUserExists = initBadgeCI(accNativeIdentity);
}
if(userExists || badgeUserExists) {
if ( null != emailAttribReq) {
Object emailValue = emailAttribReq.getValue();
String attrName = emailAttribReq.getName();
boolean isNull = checkIfNull(emailValue, attrName);
if(!isNull){
updateEmail(emailCollAttribute,emailObj,ci,emailValue,emailAttribReq);
}
//Reset the component interface. This is required between some operations
//to make sure old data is not in the component interface.
connector.resetCI();
isReset = true;
}
if ( null != phoneAttribReq) {
//If Component Interface is reset then only call the initCI function for
//initializing the CI again
if (isReset) {
initCI(accNativeIdentity);
}
Object phoneValue = phoneAttribReq.getValue();
String attrName = phoneAttribReq.getName();
boolean isNull = checkIfNull(phoneValue, attrName);
if(!isNull){
updatePhone(phoneCollAttribute,phoneObj,ci,phoneValue,phoneAttribReq);
}
connector.resetCI();
isReset = true;
}
if (null != networkIDAttribReq) {
if (isReset) {
initCI(accNativeIdentity);
}
for (AttributeRequest attrReq : networkAttribReqs) {
if(null!=attrReq){
Object attrValue = attrReq.getValue();
String attrName = attrReq.getName();
boolean isNull = checkIfNull(attrValue, attrName);
if (!isNull) {
iMChatObj.put(attrName, attrValue);
}
}
}
if(iMChatObj.size() != 0){
updateNetworkID(iMChatCollAttribute, iMChatObj, ci, networkIDAttribReq);
}
connector.resetCI();
isReset = true;
}
//code for updating non-collection attribute
if (null != simpleAttribReq) {
if (isReset) {
initCI(accNativeIdentity);
}
Object value = simpleAttribReq.getValue();
String attrName = simpleAttribReq.getName();
String propertyName = "PROP_BIRTHPLACE";
boolean isNull = checkIfNull(value, attrName);
//Caliing updateNonCollectionAttributes method of connector
if(!isNull){
connector.updateNonCollectionAttributes(ci, propertyName, value);
}
connector.resetCI();
isReset = true;
}
//code for updating badge
if (badgeUserExists) {
//Update badge
if (null != badgeAttribReqs) {
if (isReset) {
initBadgeCI(accNativeIdentity);
}
for (AttributeRequest attrReq : badgeAttribReqs) {
if(null != attrReq){
Object attrValue = attrReq.getValue();
String attrName = attrReq.getName();
boolean isNull = checkIfNull(attrValue, attrName);
if (!isNull) {
badgeObjMap.put(attrName, attrValue);
}
}
}
if(badgeObjMap.size() != 0){
updateBadgeDetails(badgeObjMap, badgeCI, badgeNumberAttribReq);
}
}
}
} else {
error = true;
ProvisioningResult result = new ProvisioningResult();
result.setStatus(ProvisioningResult.STATUS_FAILED);
result.addError("User does not exist " + accNativeIdentity );
}
} catch (Exception e) {
result.setStatus(ProvisioningResult.STATUS_FAILED);
result.addError(e.getMessage());
}
}
}
}
}
//This function will update the email address
/* 'COLL_EMAIL_ADDRESSES' is a collection attribute needed for updating email.
This collection attribute consist of 3 sub attributes :PROP_EMAIL_ADDR,KEYPROP_E_ADDR_TYPE,PROP_PREF_EMAIL_FLAG
A map is created,where these three attributes are passed as key with their corresponding values.
BUSN,CAMP and HOME ane types of email which corresponds to type business, campus and home respectively.
If email is primary then value is 'Y' and 'N' if email is not primary
Only one email can be primary at a time.
*/
public void updateEmail(String emailCollection,HashMap emailObj,ComponentInterface ci, Object emailValue, AttributeRequest req) {
String type = "KEYPROP_E_ADDR_TYPE";
boolean isUpdated = false;
ProvisioningResult provisioningResult = new ProvisioningResult();
emailCollection = "COLL_EMAIL_ADDRESSES";
emailObj.put("PROP_EMAIL_ADDR", emailValue);
emailObj.put("KEYPROP_E_ADDR_TYPE", "BUSN");
emailObj.put("PROP_PREF_EMAIL_FLAG", "Y");
//calling updateCollectionAttributes method of connector
try {
isUpdated = connector.updateCollectionAttributes(emailCollection, emailObj, ci, type );
} catch(Exception e) {
error = true;
provisioningResult.setStatus(ProvisioningResult.STATUS_FAILED);
provisioningResult.addError(e.getMessage());
req.setResult(provisioningResult);
}
if(isUpdated) {
provisioningResult.setStatus( ProvisioningResult.STATUS_COMMITTED );
}
}
//This function will update the phone number
/* 'COLL_PERSONAL_PHONE' is a collection attribute needed for updating phone number.
This collection attribute consist of 3 sub attributes :PROP_PHONE,KEYPROP_PHONE_TYPE,PROP_PREF_PHONE_FLAG
A map is created, where these three attributes are passed as key with their corresponding values.
BUSN,CAMP and HOME ane some of the types of phone numbers which corresponds to type business, campus and home respectively.
If phone number is primary then value is 'Y' and 'N' if phone number is not primary
Only one phone number can be primary at a time.
*/
public void updatePhone(String phoneCollection,HashMap phoneObj,ComponentInterface ci, Object phoneValue, AttributeRequest req) {
String type = "KEYPROP_PHONE_TYPE";
boolean isUpdated = false;
ProvisioningResult provisioningResult = new ProvisioningResult();
phoneCollection = "COLL_PERSONAL_PHONE";
phoneObj.put("PROP_PHONE", phoneValue);
phoneObj.put("KEYPROP_PHONE_TYPE", "BUSN");
phoneObj.put("PROP_PREF_PHONE_FLAG", "Y");
try {
isUpdated = connector.updateCollectionAttributes(phoneCollection, phoneObj, ci, type);
} catch (Exception e) {
error = true;
provisioningResult.setStatus(ProvisioningResult.STATUS_FAILED);
provisioningResult.addError(e.getMessage());
req.setResult(provisioningResult);
}
if(isUpdated) {
provisioningResult.setStatus( ProvisioningResult.STATUS_COMMITTED );
}
}
/* This function will update the Network ID
'COLL_PERSON_IMCHAT' is a collection attribute needed for updating network id.
This collection attribute consist of 4 sub attributes :PROP_MCF_IMUSERID,KEYPROP_MCF_IM_PROTOCOL,KEYPROP_MCFIMDOMAIN and PROP_PREF_CHATID_FLAG
A map is created, where these three attributes are passed as key with their corresponding values.
GTAL,YAHO and MSN ane some of the protocols which corresponds to domains GTALK, YAHOO and MSN respectively.
PROP_PREF_CHATID_FLAG has value as 'Y' if corresponding chat id is preferred else it has value as 'N'
*/
public void updateNetworkID(String iMChatCollection,HashMap iMChatObj,ComponentInterface ci, AttributeRequest req) {
HashMap iMChatObjNew = new HashMap();
String type = "KEYPROP_MCF_IM_PROTOCOL";
boolean isUpdated = false;
ProvisioningResult provisioningResult = new ProvisioningResult();
Object networkID = iMChatObj.get("MCF_IMUSERID");
Object networkDomain = iMChatObj.get("MCFIMDOMAIN");
Object networkProtocol = iMChatObj.get("MCF_IM_PROTOCOL");
Object networkFlag = iMChatObj.get("PREF_CHATID_FLAG");
iMChatCollection = "COLL_PERSON_IMCHAT";
iMChatObjNew.put("KEYPROP_MCF_IM_PROTOCOL", networkProtocol);
iMChatObjNew.put("KEYPROP_MCFIMDOMAIN", networkDomain);
iMChatObjNew.put("PROP_MCF_IMUSERID", networkID);
iMChatObjNew.put("PROP_PREF_CHATID_FLAG", networkFlag);
try {
isUpdated = connector.updateCollectionAttributes(iMChatCollection, iMChatObjNew, ci, type);
} catch (Exception e) {
error = true;
provisioningResult.setStatus(ProvisioningResult.STATUS_FAILED);
provisioningResult.addError(e.getMessage());
req.setResult(provisioningResult);
}
if(isUpdated) {
provisioningResult.setStatus( ProvisioningResult.STATUS_COMMITTED );
}
}
/* This function will update the badge */
public void updateBadgeDetails(HashMap badgeObjMap, ComponentInterface badgeCI, AttributeRequest req) {
boolean isUpdated = false;
ProvisioningResult provisioningResult = new ProvisioningResult();
try {
isUpdated = connector.updateBadge(badgeObjMap, badgeCI);
} catch (Exception e) {
error = true;
provisioningResult.setStatus(ProvisioningResult.STATUS_FAILED);
provisioningResult.addError(e.getMessage());
req.setResult(provisioningResult);
}
if(isUpdated) {
provisioningResult.setStatus( ProvisioningResult.STATUS_COMMITTED );
}
}
// Logic to Read operation from Plan
for ( int i=0;i<size;i++ ) {
req=accountRequests.get(i);
operation=req.getOperation();
if( null!=operation ) {
failedOperations= ( null == failedOperations ) ? operation.toString() : failedOperations + "," +operation.toString();
if( operation.toString().equals("Modify") ) {
connector.initSessionObject();
// call doProvision method
doProvision();
} else {
error =true;
ProvisioningResult provisioningResult = new ProvisioningResult();
provisioningResult.setStatus(ProvisioningResult.STATUS_FAILED);
provisioningResult.addError("Modify Provisioning Rule can not be used for " + failedOperations + " operation");
req.setResult(provisioningResult);
}
}
ResourceObject ro=connector.getObject(objectType, req.getNativeIdentity(), null);
if(null != ro)
result.setObject(ro);
}
if(error) {
result.setStatus(ProvisioningResult.STATUS_FAILED);
result.addError("Operation failed.Please Check logs for more details.");
}
return result;
Create the PeopleSoft HCM Rule
Create the rule using Identity Security Cloud REST API. For more information, refer to List Connector Rules.
Attribute Entries
Add the following entries in source XML of source using Identity Security Cloud REST API.
Note
For more information on SailPoint's REST APIs, refer to Best Practices: REST API Authentication and REST API - Update Source (Partial) in the SailPoint Developer Community.
-
To trigger a specific operation rule:
-
Attribute Key: provisionRule
-
Value: operationRule
-
-
To assign the rule to source add the following entry:
-
Attribute Key: peoplesofthrModifyProvisioningRule
-
Value: Name of the rule.
-