Sample transformation script for a CSV file
CSV file structure example
Note that for the script to work in a correct way, make sure the fields in the CSV file are the same as written in the transformation script. The example of CSV file structure for importing users and entitlements is given below.
USER_NAME,APPLICATION,TYPE,ENTITLEMENT_NAMEtest.user,ManagedSystemName,GROUP,GroupNametest.user,ManagedSystemName,ROLE,RoleName
Transformation script example
The text for transformation script (with comments) to get users and entitlements via CSV file for manual applications is provided below.
import org.apache.commons.collections.CollectionUtilsimport org.openiam.base.request.BaseSearchServiceRequestimport org.openiam.base.response.list.ManagedSysListResponseimport org.openiam.base.ws.MatchTypeimport org.openiam.base.ws.SearchParamimport org.openiam.common.beans.mq.GroupRabbitMQServiceimport org.openiam.common.beans.mq.RabbitMQSenderimport org.openiam.common.beans.mq.RoleRabbitMQServiceimport org.openiam.idm.searchbeans.GroupSearchBeanimport org.openiam.idm.searchbeans.ManagedSysSearchBeanimport org.openiam.idm.searchbeans.RoleSearchBeanimport org.openiam.idm.srvc.mngsys.dto.ManagedSysDtoimport org.openiam.idm.srvc.role.dto.Roleimport org.openiam.idm.srvc.synch.dto.LineObjectimport org.openiam.mq.constants.api.idm.ManagedSystemAPIimport org.openiam.mq.constants.queue.idm.ManagedSysQueueimport org.openiam.provision.dto.ProvisionUserimport org.openiam.sync.service.TransformScriptimport org.openiam.sync.service.impl.service.AbstractUserTransformScriptimport org.springframework.context.ApplicationContextclass CsvUserEntitlementsTransformationScript extends AbstractUserTransformScript {private ApplicationContext context/*** The main execution method that performs the transformation.* @param rowObj The line object representing a row in the CSV file.* @param pUser The ProvisionUser object to be transformed.* @return The status code indicating the outcome of the transformation.*/@Overrideint execute(LineObject rowObj, ProvisionUser pUser) {println "** - Transformation script called."// If it's not a new user, populate the ProvisionUser object with data from the CSV row.if (!isNewUser) {try {populateObject(rowObj, pUser)} catch (Exception ex) {ex.printStackTrace();println "** - Transformation script error."return -1}} else {println("User not found in the system!")return TransformScript.SKIP}println "** - Transformation script completed."pUser.setSkipPreprocessor(false)pUser.setSkipPostProcessor(false)return TransformScript.NO_DELETE}/*** Populates the ProvisionUser object with entitlement data from the CSV row.* @param rowObj The line object representing a row in the CSV file.* @param pUser The ProvisionUser object to be populated.*/private void populateObject(LineObject rowObj, ProvisionUser pUser) {def columnMap = rowObj.columnMapdef manSys = columnMap.get("APPLICATION")?.valuedef type = columnMap.get("TYPE")?.valuedef name = columnMap.get("ENTITLEMENT_NAME")?.value// Get the ManagedSysDto object based on the application name.ManagedSysDto dto = getManagedSystemByName(manSys)if (dto) {// If the entitlement type is "GROUP", add the group to the ProvisionUser object.if ("GROUP".equals(type)) {addGroup(pUser, name, dto.getId())}// If the entitlement type is "ROLE", add the role to the ProvisionUser object.else if ("ROLE".equals(type)) {addRole(pUser, name, dto.getId())}}}/*** Adds a group to the ProvisionUser object.* @param pUser The ProvisionUser object.* @param groupName The name of the group to be added.* @param managedSysId The ID of the ManagedSysDto object.*/def addGroup(ProvisionUser pUser, String groupName, String managedSysId) {println "Start addGroup function"// Get the GroupRabbitMQService bean from the application context.GroupRabbitMQService groupWS = (GroupRabbitMQService) context.getBean(GroupRabbitMQService.class)GroupSearchBean groupSearchBean = new GroupSearchBean()groupSearchBean.setNameToken(new SearchParam(groupName, MatchType.EXACT))groupSearchBean.addManagedSystemId(managedSysId)// Find the group bean based on the search criteria.def groups = groupWS.findBeans(groupSearchBean, 0, 1)if (groups) {// Add the group to the ProvisionUser object.pUser.addGroup(groups.first(), new HashSet<String>(), null, null)}}/*** Adds a role to the ProvisionUser object.* @param pUser The ProvisionUser object.* @param roleName The name of the role to be added.* @param managedSysId The ID of the ManagedSysDto object.*/def addRole(ProvisionUser pUser, String roleName, String managedSysId) {println "Start addRole function"// Get the RoleRabbitMQService bean from the application context.def roleDataService = context?.getBean(RoleRabbitMQService.class) as RoleRabbitMQServiceRoleSearchBean roleSearchBean = new RoleSearchBean()roleSearchBean.setDeepCopy(false)roleSearchBean.setNameToken(new SearchParam(roleName, MatchType.EXACT))roleSearchBean.addManagedSystemId(managedSysId)// Find the role bean based on the search criteria.def roles = roleDataService.findBeans(roleSearchBean, 0, 1)Role role = nullif (roles != null && roles.size() > 0) {role = roles.get(0)}if (role) {// Add the role to the ProvisionUser object.pUser.addRole(role, null, null, null)} else {println "Role with name " + roleName + " was not found"}}@Overridevoid init() {}}