Page tree
Skip to end of metadata
Go to start of metadata

dispatcherService is an object available from agents' attribute translation rules.

This object contains four methods:

 

method nameparametersresult typecomments
soffidToSystemExtensibleObject soffidObjectExtensibleObject

Uses attribute translation tables to transform a soffid object to a target system object.

Mind to fill-in objectType property to use the proper object mapping

systemToSoffidExtensibleObject systemObjectExtensibleObject

Uses attribute translation tables to transform a target system object to a Soffid object.

Mind to fill-in objectType property to use the proper object mapping

searchExtensibleObject exampleObjectExtensibleObject

Uses the exampleObject to perform a query by example on the target system. If the object exists on the target system, it is returned.

Mind to fill-in objectType property with the desired system object type

invoke

String verb

String action

Map parameters

List of Map

This method allows arbitrary executions on the target system, but it semantics can change depending on the connector used.

For instance, it can be used to perform a GET on the target system in REST connector, can issue an LDAP query on ActiveDirectory connector, can execute a SELECT sentence on a SQL connector, or can execute an operating system command in Shell connector.

The results are returned as a list of objects (map).

Some examples:

Snippet to query the sys_id attribute for a grant owner
System.out.println("Searching id for "+ownerRoleName);
com.soffid.iam.sync.intf.ExtensibleObject eo = new com.soffid.iam.sync.intf.ExtensibleObject();
eo.setObjectType("ROLE");
eo{"name"} = ownerRoleName;
eo = dispatcherService.search(eo);
System.out.println("FOUND "+eo{"sys_id"});
return eo{"sys_id"};
Snippet that performs a REST query to get group to role assignments in ServiceNow
list = dispatcherService.invoke ("GET", 
  "https://arxusdev.service-now.com/api/now/table/sys_group_has_role?sysparm_exclude_reference_link=true&sysparm_display_value=all&sysparm_fields=role%2Cgroup&sysparm_query=group="+sys_id,
  null).
  get(0).get("result")
 
r = new java.util.LinkedList();
for ( d: list)
{
  grant = new java.util.HashMap();
  grant{"grantedRole"} = d.get("role").get("display_value");
  grant{"grantedRoleSystem"} = "ServiceNow";
  grant{"ownerRoleName"} = name;
  grant{"ownerSystem"} = "ServiceNow";
  r.add  (grant);
}
return r;
Snippet of invoke usage on a relational database
// Table ITREPRT
role = source{"granted"}.size() == 0 ? "" : source{"granted"}.get(0);
System.out.println ("************** ROLE "+role);
args = new java.util.HashMap();
args.put("user", source{"accountName"}.toUpperCase());
if (role.equals ("Receptores PR") || role.equals("Jefes_Personal")) {
  r = dispatcherService.invoke("select", "* from ITREPRT where IDUSER=:user", args);
  if (r.size() == 0) {
	dispatcherService.invoke("insert", "into ITREPRT(IDUSER,NOMECO) values (:user, 1)", args);
  }  
} else {
  dispatcherService.invoke("delete", "from ITREPRT where IDUSER=:user", args);
}
// TABLE MRGEUCT
cc = source{"attributes"}{"dominio"};
if ( source{"userType"} .equals ("T")) {
  cc = source{"userName"}.substring(1);  
}
while (cc != null && cc.startsWith("0")) cc = cc.substring(1);
System.out.println ("************** COST CENTER "+cc);
if (cc != null && ! cc.trim().isEmpty())
{
  args = new java.util.HashMap();
  args.put("user", source{"accountName"}.toUpperCase());
  args.put("cc", cc);
  r = dispatcherService.invoke("SELECT", "* from MRGEUCT where IDUSER=:user and MOARPR=:cc", args);
  if (r.size() == 0) {
	dispatcherService.invoke("INSERT", "into MRGEUCT(MOARPR,CENTRA, IDUSER, NOTIFI ) "+
                             "values ('II', :cc, :user, 'S')", args);
	dispatcherService.invoke("INSERT", "into MRGEUCT(MOARPR,CENTRA, IDUSER, NOTIFI ) "+
                             "values ('BM', :cc, :user, 'S')", args);
	dispatcherService.invoke("DELETE", "FROM MRGEUCT WHERE CENTRA!=:cc AND IDUSER=:user", args);
  }  
}
return true;     
  • No labels