Description: Uses the Oracle Identity Manager API to make updates (add, delete, and modify) on a resource account child form.
Reference: http://docs.oracle.com/cd/E40329_01/apirefs.1112/e28159/toc.htm
Source Code
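package com.blogspot.oraclestack.utilities;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import oracle.core.ojdl.logging.ODLLevel;
import oracle.core.ojdl.logging.ODLLogger;
import oracle.iam.identity.exception.NoSuchUserException;
import oracle.iam.identity.exception.UserLookupException;
import oracle.iam.identity.usermgmt.api.UserManager;
import oracle.iam.identity.usermgmt.api.UserManagerConstants;
import oracle.iam.identity.usermgmt.vo.User;
import oracle.iam.platform.OIMClient;
import oracle.iam.platform.entitymgr.vo.SearchCriteria;
import oracle.iam.provisioning.api.ProvisioningConstants;
import oracle.iam.provisioning.api.ProvisioningService;
import oracle.iam.provisioning.exception.AccountNotFoundException;
import oracle.iam.provisioning.exception.GenericProvisioningException;
import oracle.iam.provisioning.exception.UserNotFoundException;
import oracle.iam.provisioning.vo.Account;
import oracle.iam.provisioning.vo.AccountData;
import oracle.iam.provisioning.vo.ChildTableRecord;
import oracle.iam.provisioning.vo.ChildTableRecord.ACTION;

/**
 * Updates a child process form for a specific resource account.
 *
 * <p>The sample logs in to Oracle Identity Manager, looks up one user's resource
 * account, prints its child form data, stages child record changes and submits
 * them through {@link ProvisioningService}.
 *
 * @author rayedchan
 * @version 1.0
 */
public class UpdateChildProcessForm
{
    // Environment specific constants.
    // NOTE(review): these are sample values for a local lab. A system administrator
    // login and password committed in source end up in version control, build
    // artifacts and blog posts; supply the real password at run time through the
    // OIM_PASSWORD environment variable (see resolvePassword) instead of editing
    // the constant.
    public static final String OIM_HOSTNAME = "localhost";
    public static final String OIM_PORT = "14000";
    // The listing referenced OIM_PROVIDER_URL without declaring it. t3 is not
    // encrypted, so the login credentials travel in clear text; acceptable for
    // localhost only.
    public static final String OIM_PROVIDER_URL = "t3://" + OIM_HOSTNAME + ":" + OIM_PORT;
    public static final String OIM_USERNAME = "xelsysadm";
    public static final String OIM_PASSWORD = "Password1";
    public static final String OIM_CLIENT_HOME = "/home/oracle/jdeveloper/mywork/OracleIdentityManager/Resources/oimclient";
    public static final String AUTHWL_PATH = OIM_CLIENT_HOME + "/conf/authwl.conf";

    // Constants for testing
    public static final String USER_LOGIN = "ntaylor";
    public static final String RESOURCE_OBJECT_NAME = "DBAT USER";
    public static final String CHILD_PROCESS_FORM_NAME = "UD_DBATRO";
    public static final String CHILD_ATTRIBUTE_NAME = "UD_DBATRO_ROLE";

    // Name of the environment variable that overrides OIM_PASSWORD when it is set.
    private static final String OIM_PASSWORD_ENV = "OIM_PASSWORD";

    // The listing named the logger after UpdateResoureProcessForm, a class this file
    // does not define; log records are now attributed to this class.
    public static final ODLLogger logger = ODLLogger.getODLLogger(UpdateChildProcessForm.class.getName());
    public static ProvisioningService provOps = null;
    public static UserManager usrMgrOps = null;

    /**
     * Logs in to OIM, stages one child record addition for {@link #USER_LOGIN}'s
     * {@link #RESOURCE_OBJECT_NAME} account and submits the modification.
     *
     * @param args not used
     */
    public static void main(String[] args)
    {
        OIMClient oimClient = null;
        char[] password = resolvePassword();

        try
        {
            // Set system properties required for OIMClient
            System.setProperty("java.security.auth.login.config", AUTHWL_PATH);
            System.setProperty("APPSERVER_TYPE", "wls");

            // Create an instance of OIMClient with OIM environment information
            oimClient = new OIMClient(buildClientEnvironment());

            // Login to OIM with the appropriate credentials
            oimClient.login(OIM_USERNAME, password);

            // Get OIM services
            provOps = oimClient.getService(ProvisioningService.class);
            usrMgrOps = oimClient.getService(UserManager.class);

            // Get usr_key
            String userKey = getUserKeyByUserLogin(USER_LOGIN);

            // Get user's resource account; the lookup returns null when no account
            // is in a provisioned, enabled or disabled state, so stop here rather
            // than fail with a NullPointerException below.
            Account resourceAccount = getUserResourceAccount(userKey, RESOURCE_OBJECT_NAME);
            if (resourceAccount == null)
            {
                logger.log(ODLLevel.ERROR, "No provisioned, enabled, or disabled [{0}] account found for user [{1}]", new Object[]{RESOURCE_OBJECT_NAME, USER_LOGIN});
                return;
            }

            // Get account's child data
            Map<String, ArrayList<ChildTableRecord>> childData = resourceAccount.getAccountData().getChildData();
            logger.log(ODLLevel.NOTIFICATION, "Resource Account Child Data: {0}", new Object[]{childData});
            printResourceAccountChildData(childData);

            // Staging objects
            HashMap<String, Object> modParentData = new HashMap<String, Object>();
            Map<String, ArrayList<ChildTableRecord>> modChildData = new HashMap<String, ArrayList<ChildTableRecord>>();
            ArrayList<ChildTableRecord> modRecords = new ArrayList<ChildTableRecord>();

            // Stage Add Child Record
            HashMap<String, Object> addRecordData = new HashMap<String, Object>();
            addRecordData.put(CHILD_ATTRIBUTE_NAME, "Engineer");
            ChildTableRecord addRecord = new ChildTableRecord();
            addRecord.setAction(ACTION.Add);
            addRecord.setChildData(addRecordData);
            modRecords.add(addRecord);

            // Stage Modify Child Record
            //HashMap<String,Object> modifyRecordData = new HashMap<String,Object>();
            //modifyRecordData.put(CHILD_ATTRIBUTE_NAME, "Engineer II");
            //ChildTableRecord modifyRecord = new ChildTableRecord();
            //modifyRecord.setChildData(modifyRecordData);
            //modifyRecord.setAction(ACTION.Modify);
            //modifyRecord.setRowKey(getChildRecordKeyByValue(CHILD_PROCESS_FORM_NAME, CHILD_ATTRIBUTE_NAME, "Engineer", resourceAccount)); // <UD_TABLE>_KEY (Child Record Key)
            //modRecords.add(modifyRecord);

            // Stage Remove Child Record
            //HashMap<String,Object> removeRecordData = new HashMap<String,Object>();
            //ChildTableRecord removeRecord = new ChildTableRecord();
            //removeRecord.setChildData(removeRecordData);
            //removeRecord.setAction(ACTION.Delete);
            //removeRecord.setRowKey(getChildRecordKeyByValue(CHILD_PROCESS_FORM_NAME, CHILD_ATTRIBUTE_NAME, "Engineer", resourceAccount)); // <UD_TABLE>_KEY (Child Record Key)
            //modRecords.add(removeRecord);

            // Put Child Form Name and its modified child data
            modChildData.put(CHILD_PROCESS_FORM_NAME, modRecords);

            // Modify resource account
            modifyUserResourceAccountParentData(userKey, resourceAccount, modParentData, modChildData);
        }
        catch (Exception ex)
        {
            logger.log(ODLLevel.ERROR, "Child process form update failed", ex);
        }
        finally
        {
            try
            {
                // Logout user from OIMClient
                if (oimClient != null)
                {
                    oimClient.logout();
                }
            }
            finally
            {
                // Wipe the char[] copy once the session is over. The String it was
                // copied from is immutable and stays in memory until collected.
                Arrays.fill(password, '\0');
            }
        }
    }

    /**
     * Returns the login password: the value of the OIM_PASSWORD environment
     * variable when it is set and non-empty, otherwise {@link #OIM_PASSWORD}.
     */
    private static char[] resolvePassword()
    {
        String fromEnvironment = System.getenv(OIM_PASSWORD_ENV);
        boolean overridden = fromEnvironment != null && fromEnvironment.length() > 0;
        return (overridden ? fromEnvironment : OIM_PASSWORD).toCharArray();
    }

    /**
     * Builds the JNDI environment handed to the {@link OIMClient} constructor.
     */
    // Raw Hashtable kept from the original listing; NOTE(review): confirm the
    // constructor's declared parameter type before adding type arguments.
    @SuppressWarnings({"rawtypes", "unchecked"})
    private static Hashtable buildClientEnvironment()
    {
        Hashtable env = new Hashtable();
        env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL, "weblogic.jndi.WLInitialContextFactory");
        env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, OIM_PROVIDER_URL);
        return env;
    }

    /**
     * Gets the row key of the first child record whose attribute matches a value.
     *
     * @param childFormName Name of the child form to inspect
     * @param childAttributeName Name of the child attribute used as the criterion
     * @param childAttributeValue Value of childAttributeName to search against
     * @param resourceAccount The user's resource account
     * @return Child record key
     * @throws Exception if the child form has no record with that value
     */
    public static String getChildRecordKeyByValue(String childFormName, String childAttributeName, String childAttributeValue, Account resourceAccount) throws Exception
    {
        Map<String, ArrayList<ChildTableRecord>> childData = resourceAccount.getAccountData().getChildData();
        logger.log(ODLLevel.NOTIFICATION, "Resource Account Child Data: {0}", new Object[]{childData});

        // Only the requested form can hold the record, so look it up directly
        // instead of walking every child form.
        ArrayList<ChildTableRecord> childFormData = (childData == null) ? null : childData.get(childFormName);
        logger.log(ODLLevel.NOTIFICATION, "[Child Form Name: {0}], [Child Form Data: {1}]", new Object[]{childFormName, childFormData});

        if (childFormData != null)
        {
            for (ChildTableRecord record : childFormData)
            {
                Map<String, Object> childRecordData = record.getChildData();
                if (childRecordData == null)
                {
                    continue;
                }

                // A record may lack the attribute or hold a non-String value;
                // neither case should abort the search with an exception.
                Object attributeValue = childRecordData.get(childAttributeName);
                if (attributeValue != null && attributeValue.toString().equals(childAttributeValue))
                {
                    String rowKey = record.getRowKey();
                    logger.log(ODLLevel.NOTIFICATION, "[Action: {0}], [Child Record Data: {1}], [Row Key: {2}]", new Object[]{record.getAction(), childRecordData, rowKey});
                    return rowKey;
                }
            }
        }

        // Child Value does not exist
        throw new Exception("Child Value does not exist");
    }

    /**
     * Gets a specific user's resource account.
     *
     * @param userKey OIM user's usr_key
     * @param resourceObjectName Name of the resource object
     * @return The first account whose status is provisioned, enabled or disabled,
     *         or {@code null} when none of the user's accounts is in such a state
     * @throws UserNotFoundException
     * @throws GenericProvisioningException
     */
    public static Account getUserResourceAccount(String userKey, String resourceObjectName) throws UserNotFoundException, GenericProvisioningException
    {
        boolean populateAccountData = true;
        HashMap<String, Object> configParams = new HashMap<String, Object>();
        SearchCriteria criteria = new SearchCriteria(ProvisioningConstants.AccountSearchAttribute.OBJ_NAME.getId(), resourceObjectName, SearchCriteria.Operator.EQUAL);
        List<Account> accounts = provOps.getAccountsProvisionedToUser(userKey, criteria, configParams, populateAccountData);

        for (Account account : accounts)
        {
            String accountId = account.getAccountID();
            String appInstName = account.getAppInstance().getApplicationInstanceName();
            Map<String, Object> accountData = account.getAccountData().getData();
            String accountStatus = account.getAccountStatus();
            // NOTE(review): this writes the whole parent form to the log. Depending
            // on the connector the form may hold credential fields; confirm before
            // running against anything but a test environment.
            logger.log(ODLLevel.NOTIFICATION, "Account Id: [{0}], Application Instance Name: [{1}], Account Status: [{2}], Account Data:[{3}]", new Object[]{accountId, appInstName, accountStatus, accountData});

            // Only return enabled, provisioned, or disabled account
            boolean usable = ProvisioningConstants.ObjectStatus.PROVISIONED.getId().equals(accountStatus)
                    || ProvisioningConstants.ObjectStatus.ENABLED.getId().equals(accountStatus)
                    || ProvisioningConstants.ObjectStatus.DISABLED.getId().equals(accountStatus);
            if (usable)
            {
                logger.log(ODLLevel.NOTIFICATION, "Return Account Id: [{0}]", new Object[]{accountId});
                return account;
            }
        }

        return null;
    }

    /**
     * Gets the user's usr_key.
     *
     * @param userLogin OIM.User Login (USR_LOGIN)
     * @return value of usr_key
     * @throws NoSuchUserException
     * @throws UserLookupException
     */
    public static String getUserKeyByUserLogin(String userLogin) throws NoSuchUserException, UserLookupException
    {
        boolean userLoginUsed = true;

        // Fetch only the key and the login rather than the full user profile.
        HashSet<String> attrsToFetch = new HashSet<String>();
        attrsToFetch.add(UserManagerConstants.AttributeName.USER_KEY.getId());
        attrsToFetch.add(UserManagerConstants.AttributeName.USER_LOGIN.getId());

        User user = usrMgrOps.getDetails(userLogin, attrsToFetch, userLoginUsed);
        logger.log(ODLLevel.NOTIFICATION, "User Details: {0}", new Object[]{user});
        return user.getEntityId();
    }

    /**
     * Modifies a resource account on an OIM user.
     *
     * @param userKey OIM usr_key
     * @param resourceAccount Existing resource account to modify
     * @param modAttrs Attributes to modify on the parent form
     * @param modChildData Child records to add, modify or delete, keyed by child form name
     * @throws AccountNotFoundException
     * @throws GenericProvisioningException
     */
    public static void modifyUserResourceAccountParentData(String userKey, Account resourceAccount, HashMap<String, Object> modAttrs, Map<String, ArrayList<ChildTableRecord>> modChildData) throws AccountNotFoundException, GenericProvisioningException
    {
        // Stage resource account modifications
        String accountId = resourceAccount.getAccountID();
        String processFormInstanceKey = resourceAccount.getProcessInstanceKey();
        Account modAccount = new Account(accountId, processFormInstanceKey, userKey);
        logger.log(ODLLevel.NOTIFICATION, "Account Id: [{0}], Process Form Instance Key: [{1}]", new Object[]{accountId, processFormInstanceKey});

        // Setup account data object
        String formKey = resourceAccount.getAccountData().getFormKey();
        String udTablePrimaryKey = resourceAccount.getAccountData().getUdTablePrimaryKey();
        AccountData accountData = new AccountData(formKey, udTablePrimaryKey, modAttrs);
        logger.log(ODLLevel.NOTIFICATION, "Form Key: [{0}], UD Table Primary Key: [{1}]", new Object[]{formKey, udTablePrimaryKey});
        accountData.setChildData(modChildData);

        // Set necessary information to modified account
        modAccount.setAccountData(accountData);
        modAccount.setAppInstance(resourceAccount.getAppInstance());

        // Modify resource account
        provOps.modify(modAccount);
        logger.log(ODLLevel.NOTIFICATION, "Modification successful.");
    }

    /**
     * Prints the child data in each child form of a resource account.
     *
     * @param childData Child data of user's resource account; nothing is printed when null
     */
    public static void printResourceAccountChildData(Map<String, ArrayList<ChildTableRecord>> childData)
    {
        if (childData == null)
        {
            return;
        }

        // Walk each child form
        for (Map.Entry<String, ArrayList<ChildTableRecord>> form : childData.entrySet())
        {
            String childFormName = form.getKey();
            ArrayList<ChildTableRecord> childFormData = form.getValue();
            logger.log(ODLLevel.NOTIFICATION, "[Child Form Name: {0}], [Child Form Data: {1}]", new Object[]{childFormName, childFormData});

            if (childFormData == null)
            {
                continue;
            }

            // Walk the records in a child form
            for (ChildTableRecord record : childFormData)
            {
                ACTION action = record.getAction();
                Map<String, Object> childRecordData = record.getChildData();
                String rowKey = record.getRowKey();
                logger.log(ODLLevel.NOTIFICATION, "[Action: {0}], [Child Record Data: {1}], [Row Key: {2}]", new Object[]{action, childRecordData, rowKey});
            }
        }
    }
}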