Class IdentityLinkUtil
- java.lang.Object
-
- com.identityworksllc.iiq.common.IdentityLinkUtil
-
public class IdentityLinkUtil extends Object
A utility class for efficiently reading various types of information from Link objects.This class supplements IdentityService by providing additional methods for retrieving attributes of various types.
This is very common logic in virtually all IIQ instances, and this will prevent us from having to reimplement it for both Beanshell and Java every time. It should also increase efficiency by being in compiled Java and not Beanshell.
There are essentially two modes of operation, depending on your purposes. If you need to pre-load all Identity Links prior to running an operation, set the forceLoad flag to true using
setForceLoad(boolean)
. If you do not do this, this class will echo the logic used byIdentityService.getLinks(Identity, Application)
.You will generally NOT want to set forceLoad=true unless you need to repeatedly query the same Links from the Identity. The most notable example is when you are reading values from Links in more than a handful of IdentityAttribute rules.
In all cases, the get-attribute methods take the ‘failOnMultiple’ flag into account. If the flag is false, as is default, the value from the newest Link will be retrieved.
-
-
Constructor Summary
Constructors Constructor Description IdentityLinkUtil(sailpoint.api.SailPointContext context, sailpoint.object.Identity identity)
Identity Link utility constructorIdentityLinkUtil(sailpoint.api.SailPointContext context, sailpoint.object.Identity identity, sailpoint.object.Filter globalLinkFilter)
Identity Link utility constructor
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description Optional<sailpoint.object.ManagedAttribute>
findManagedAttribute(sailpoint.object.IdentityEntitlement ie)
Retrieves a managed attribute for the given IdentityEntitlementMap<String,List<sailpoint.object.ManagedAttribute>>
findManagedAttributes(sailpoint.object.Link link)
Retrieves all ManagedAttributes associated with the given Linkstatic Optional<sailpoint.object.Link>
findUniqueLink(sailpoint.api.SailPointContext context, String applicationName, String nativeIdentity)
Finds a unique Link by Native ID and Application, returning a non-null Optionalsailpoint.object.Filter
getGlobalLinkFilter()
Gets the applied (possibly null) global link filtersailpoint.object.Link
getLinkByNativeIdentity(String applicationName, String nativeIdentity)
sailpoint.object.Link
getLinkByNativeIdentity(sailpoint.object.Application application, String nativeIdentity)
Gets the Link from the Identity by native identitystatic sailpoint.object.Filter
getLinkFilter(String applicationName, String nativeIdentity)
Returns a Filter object for a LinkList<sailpoint.object.Link>
getLinksByApplication(String applicationName)
List<sailpoint.object.Link>
getLinksByApplication(String applicationName, sailpoint.object.Filter linkFilter)
List<sailpoint.object.Link>
getLinksByApplication(sailpoint.object.Application application)
List<sailpoint.object.Link>
getLinksByApplication(sailpoint.object.Application application, sailpoint.object.Filter linkFilter)
Gets the list of Links of the given application type, applying the given optional filter to the links.List<String>
getMultiValueLinkAttribute(String applicationName, String attributeName)
List<String>
getMultiValueLinkAttribute(String applicationName, String attributeName, sailpoint.object.Filter linkFilter)
List<String>
getMultiValueLinkAttribute(sailpoint.object.Application application, String attributeName)
List<String>
getMultiValueLinkAttribute(sailpoint.object.Application application, String attributeName, sailpoint.object.Filter linkFilter)
Gets the value of a multi-valued attribute from one Link of the given type belonging to this Identity.String
getSingleValueLinkAttribute(String applicationName, String attributeName)
String
getSingleValueLinkAttribute(String applicationName, String attributeName, sailpoint.object.Filter linkFilter)
String
getSingleValueLinkAttribute(sailpoint.object.Application application, String attributeName)
String
getSingleValueLinkAttribute(sailpoint.object.Application application, String attributeName, sailpoint.object.Filter linkFilter)
Gets the value of a single-valued attribute from one Link of the given type belonging to this Identity.static sailpoint.object.Link
getUniqueLink(sailpoint.api.SailPointContext context, String applicationName, String nativeIdentity)
Gets a unique Link by Native ID and Application or else throws an exceptionboolean
isFailOnMultiple()
Returns true if the class is set to fail on multiple Links of the same typeboolean
isForceLoad()
Returns true if you want to force-load all Links on the Identity usingIdentity.getLinks()
, rather than usingIdentityService
List<String>
mergeLinkAttributes(String applicationName, String attributeName)
List<String>
mergeLinkAttributes(String applicationName, String attributeName, sailpoint.object.Filter linkFilter)
List<String>
mergeLinkAttributes(sailpoint.object.Application application, String attributeName, sailpoint.object.Filter linkFilter)
Extracts the named attribute from each Link of the given application and adds all values from each Link into a common List.void
setFailOnMultiple(boolean failOnMultiple)
If true, and the Identity has more than one (post-filter) Link of a given Application type, the get-attribute methods will throw an exception.void
setForceLoad(boolean forceLoad)
If true, the Identity’slinks
container will be populated before searching for items.void
setGlobalLinkFilter(sailpoint.object.Filter globalLinkFilter)
Sets a global link filter, allowing use of a constant
-
-
-
Constructor Detail
-
IdentityLinkUtil
public IdentityLinkUtil(sailpoint.api.SailPointContext context, sailpoint.object.Identity identity)
Identity Link utility constructor- Parameters:
context
- The Sailpoint contextidentity
- the Identity
-
IdentityLinkUtil
public IdentityLinkUtil(sailpoint.api.SailPointContext context, sailpoint.object.Identity identity, sailpoint.object.Filter globalLinkFilter)
Identity Link utility constructor- Parameters:
context
- The Sailpoint contextidentity
- the Identity
-
-
Method Detail
-
findUniqueLink
public static Optional<sailpoint.object.Link> findUniqueLink(sailpoint.api.SailPointContext context, String applicationName, String nativeIdentity) throws sailpoint.tools.GeneralException
Finds a unique Link by Native ID and Application, returning a non-null Optional- Parameters:
context
- The context for queryingapplicationName
- The application namenativeIdentity
- The native ID- Returns:
- If no matches, an empty Optional. If one match, an Optional containing the Link
- Throws:
sailpoint.tools.GeneralException
- if there is a query failureTooManyResultsException
- if more than one Link matches the criteria
-
getLinkFilter
public static sailpoint.object.Filter getLinkFilter(String applicationName, String nativeIdentity)
Returns a Filter object for a Link- Parameters:
applicationName
- The application namenativeIdentity
- The native ID- Returns:
- the resulting Filter
-
getUniqueLink
public static sailpoint.object.Link getUniqueLink(sailpoint.api.SailPointContext context, String applicationName, String nativeIdentity) throws sailpoint.tools.GeneralException
Gets a unique Link by Native ID and Application or else throws an exception- Parameters:
context
- The context for queryingapplicationName
- The application namenativeIdentity
- The native ID- Returns:
- Null if no matches, a single Link if there is a match
- Throws:
sailpoint.tools.GeneralException
- if there is a query failureTooManyResultsException
- if more than one Link matches the criteria
-
findManagedAttribute
public Optional<sailpoint.object.ManagedAttribute> findManagedAttribute(sailpoint.object.IdentityEntitlement ie) throws sailpoint.tools.GeneralException
Retrieves a managed attribute for the given IdentityEntitlement- Parameters:
ie
- The IdentityEntitlement- Returns:
- The associated managed attribute, or an empty optional
- Throws:
sailpoint.tools.GeneralException
- If the query fails for some reasonTooManyResultsException
- If the entitlement matches more than 1 managed attribute
-
findManagedAttributes
public Map<String,List<sailpoint.object.ManagedAttribute>> findManagedAttributes(sailpoint.object.Link link) throws sailpoint.tools.GeneralException
Retrieves all ManagedAttributes associated with the given Link- Parameters:
link
- the Link to check- Returns:
- A map from field name to a list of ManagedAttribute objects
- Throws:
sailpoint.tools.GeneralException
- If the query fails for some reasonTooManyResultsException
- If the entitlement matches more than 1 managed attribute
-
getGlobalLinkFilter
public sailpoint.object.Filter getGlobalLinkFilter()
Gets the applied (possibly null) global link filter- Returns:
- The applied global link filter
-
getLinkByNativeIdentity
public sailpoint.object.Link getLinkByNativeIdentity(sailpoint.object.Application application, String nativeIdentity) throws sailpoint.tools.GeneralException
Gets the Link from the Identity by native identity- Parameters:
application
- The application type of the LinknativeIdentity
- The native identity of the Link- Returns:
- The Link
- Throws:
sailpoint.tools.GeneralException
- if any failures occur
-
getLinkByNativeIdentity
public sailpoint.object.Link getLinkByNativeIdentity(String applicationName, String nativeIdentity) throws sailpoint.tools.GeneralException
- Throws:
sailpoint.tools.GeneralException
- See Also:
getLinkByNativeIdentity(Application, String)
-
getLinksByApplication
public List<sailpoint.object.Link> getLinksByApplication(sailpoint.object.Application application) throws sailpoint.tools.GeneralException
- Throws:
sailpoint.tools.GeneralException
- See Also:
getLinksByApplication(Application, Filter)
-
getLinksByApplication
public List<sailpoint.object.Link> getLinksByApplication(sailpoint.object.Application application, sailpoint.object.Filter linkFilter) throws sailpoint.tools.GeneralException
Gets the list of Links of the given application type, applying the given optional filter to the links.If a filter is present, only Links matching the filter will be returned.
- Parameters:
application
- The application objectlinkFilter
- The filter object, optional- Returns:
- A non-null list of links (optionally filtered) on this user of the given application type
- Throws:
sailpoint.tools.GeneralException
- if any failures occur
-
getLinksByApplication
public List<sailpoint.object.Link> getLinksByApplication(String applicationName) throws sailpoint.tools.GeneralException
- Throws:
sailpoint.tools.GeneralException
- See Also:
getLinksByApplication(Application, Filter)
-
getLinksByApplication
public List<sailpoint.object.Link> getLinksByApplication(String applicationName, sailpoint.object.Filter linkFilter) throws sailpoint.tools.GeneralException
- Throws:
sailpoint.tools.GeneralException
- See Also:
getLinksByApplication(Application, Filter)
-
getMultiValueLinkAttribute
public List<String> getMultiValueLinkAttribute(String applicationName, String attributeName) throws sailpoint.tools.GeneralException
- Throws:
sailpoint.tools.GeneralException
- See Also:
getMultiValueLinkAttribute(Application, String, Filter)
-
getMultiValueLinkAttribute
public List<String> getMultiValueLinkAttribute(String applicationName, String attributeName, sailpoint.object.Filter linkFilter) throws sailpoint.tools.GeneralException
- Throws:
sailpoint.tools.GeneralException
- See Also:
getMultiValueLinkAttribute(Application, String, Filter)
-
getMultiValueLinkAttribute
public List<String> getMultiValueLinkAttribute(sailpoint.object.Application application, String attributeName, sailpoint.object.Filter linkFilter) throws sailpoint.tools.GeneralException
Gets the value of a multi-valued attribute from one Link of the given type belonging to this Identity.The actual type of the attribute doesn’t matter. A CSV single-valued String will be converted to a List here.
- Parameters:
application
- The application type of the LinksattributeName
- The attribute name to grablinkFilter
- The Link filter, optional- Returns:
- The value of the attribute, or null
- Throws:
sailpoint.tools.GeneralException
- if any errors occur
-
getMultiValueLinkAttribute
public List<String> getMultiValueLinkAttribute(sailpoint.object.Application application, String attributeName) throws sailpoint.tools.GeneralException
- Throws:
sailpoint.tools.GeneralException
- See Also:
getMultiValueLinkAttribute(Application, String, Filter)
-
getSingleValueLinkAttribute
public String getSingleValueLinkAttribute(String applicationName, String attributeName) throws sailpoint.tools.GeneralException
- Throws:
sailpoint.tools.GeneralException
- See Also:
getSingleValueLinkAttribute(Application, String, Filter)
-
getSingleValueLinkAttribute
public String getSingleValueLinkAttribute(String applicationName, String attributeName, sailpoint.object.Filter linkFilter) throws sailpoint.tools.GeneralException
- Throws:
sailpoint.tools.GeneralException
- See Also:
getSingleValueLinkAttribute(Application, String, Filter)
-
getSingleValueLinkAttribute
public String getSingleValueLinkAttribute(sailpoint.object.Application application, String attributeName) throws sailpoint.tools.GeneralException
- Throws:
sailpoint.tools.GeneralException
- See Also:
getSingleValueLinkAttribute(Application, String, Filter)
-
getSingleValueLinkAttribute
public String getSingleValueLinkAttribute(sailpoint.object.Application application, String attributeName, sailpoint.object.Filter linkFilter) throws sailpoint.tools.GeneralException
Gets the value of a single-valued attribute from one Link of the given type belonging to this Identity.- Parameters:
application
- The application type of the LinksattributeName
- The attribute name to grablinkFilter
- The Link filter, optional- Returns:
- The value of the attribute, or null
- Throws:
sailpoint.tools.GeneralException
- if any errors occur
-
isFailOnMultiple
public boolean isFailOnMultiple()
Returns true if the class is set to fail on multiple Links of the same type- See Also:
failOnMultiple
-
isForceLoad
public boolean isForceLoad()
Returns true if you want to force-load all Links on the Identity usingIdentity.getLinks()
, rather than usingIdentityService
- See Also:
forceLoad
-
mergeLinkAttributes
public List<String> mergeLinkAttributes(String applicationName, String attributeName) throws sailpoint.tools.GeneralException
- Throws:
sailpoint.tools.GeneralException
- See Also:
mergeLinkAttributes(Application, String, Filter)
-
mergeLinkAttributes
public List<String> mergeLinkAttributes(String applicationName, String attributeName, sailpoint.object.Filter linkFilter) throws sailpoint.tools.GeneralException
- Throws:
sailpoint.tools.GeneralException
- See Also:
mergeLinkAttributes(Application, String, Filter)
-
mergeLinkAttributes
public List<String> mergeLinkAttributes(sailpoint.object.Application application, String attributeName, sailpoint.object.Filter linkFilter) throws sailpoint.tools.GeneralException
Extracts the named attribute from each Link of the given application and adds all values from each Link into a common List.- Parameters:
application
- The application to queryattributeName
- The attribute name to querylinkFilter
- The link filter, optional- Returns:
- The merged set of attributes from each application
- Throws:
sailpoint.tools.GeneralException
- if any failures occur
-
setFailOnMultiple
public void setFailOnMultiple(boolean failOnMultiple)
If true, and the Identity has more than one (post-filter) Link of a given Application type, the get-attribute methods will throw an exception.- Parameters:
failOnMultiple
- True if we should fail on multiple accounts
-
setForceLoad
public void setForceLoad(boolean forceLoad)
If true, the Identity’slinks
container will be populated before searching for items.This will make the IdentityService faster in some circumstances, notably repeated queries of links in Identity Attributes.
- Parameters:
forceLoad
- True if we should always load the Link objects
-
setGlobalLinkFilter
public void setGlobalLinkFilter(sailpoint.object.Filter globalLinkFilter)
Sets a global link filter, allowing use of a constant- Parameters:
globalLinkFilter
- The filter to apply to any operation
-
-