/
Core Objects - Standard service tasks in Identity Manager

Core Objects - Standard service tasks in Identity Manager

Core Objects: Check Relation

Description

Use this task to check if a relation between two core objects exists. The names of both data pools have to be provided. The direction of the relation is not relevant, meaning that source and destination may be exchanged.

Configuration

To use this task, configure the following delegate expression in your service task:

${checkObjectRelationParametrizedTask}

The following parameters can be configured in Identity Manager Admin:

Parameter

Mandatory

Value

Description

Parameter

Mandatory

Value

Description

sourceDataPoolName

 

 

The name of the source data pool that is used to check the relation with the destination data pool.

destinationDataPoolName

 

 

The name of the destination data pool that is used to check the relation with the source data pool.

resultVariable

 

Valid values:

  • true

  • false

The name of the field indicating if a relation between the source and destination data pool exists. Contains either a "true" or "false" value.

"True" means that the objects are related to each other. "False" means that there is no relation between them.

Core Objects: Create Relation

Description

Use this task to create a relation between two core objects.

Object Relations tab

In this tab you manage the object relation types. A default entry is already set per tenant. Exactly one configuration must be the default configuration which is used when saving data, see Set up process in Identity Manager, the Save Data task.

Include these two fields in an object relations configuration:

  • Name: name of the object relation type

  • Default: determines if this configuration should be the default configuration

Configuration

To use this task, configure the following delegate expression in your service task:

${createRelationParametrizedJavaDelegate}

The following parameters can be configured in Identity Manager Admin:

Parameter

Mandatory

Value

Description

Parameter

Mandatory

Value

Description

source

 

 

Data pool name of the source of the relation, which has to be created. The core template name of this data pool will be saved in the database.

destination

 

 

Data pool name of the target of the relation, which has to be created. The core template name of this data pool will be saved in the database.

includeRelationTypeToCompareOfObjects

 

Valid values:

  • true

  • false (default at design time) 

Flag indicating if the relation type should be included when searching if the relation already exists. If you want to create multiple relations of different types between two core objects this parameter has to be set to true.

Example: A relation Card → Certificate already exists in the database with the relation type "OldRelation"

Use case 1

  1. Input:

    1. includeRelationTypeToCompareOfObjects = true

    2. Relation type = "NewRelation"

  2. Expected output:

    1. New relationship (relation type - "NewRelation") added for the relation Card → Certificate

Use case 2

  1. Input:

    1. includeRelationTypeToCompareOfObjects = false

    2. Relation type = "NewRelation"

  2. Expected output:

    1. No changes as a relation is already found.

exceptionIsThrownIfRelationAlreadyExists

 

Valid values:

  • true (default at design time)

  • false

Flag indicating how the application reacts if the relation already exists. If set to "true" then throw Exception, else do nothing.

relationType

 

Default

Type of the relation. The object relation type must exist or an exception is thrown.

Core Objects: Drop Relation

Description

Use this task to remove existing relations between objects. The removal applies for all relations between one specific object and either:

  • a single second object, or

  • all other objects belonging to the named Data Pool

  • all other objects belonging to the named template.

Furthermore, it is independently possible to restrict the removal to relations of a specific type.

Example: An employee started working with a replacement card. Later he or she receives an employee card. The connection to the reusable replacement card can then be removed.

  • Single: Both objects must be loaded into the process map before the relation can be dropped.

  • Either secondDataPoolName, secondDataPoolNameDropAll, or coreTemplateName must be provided. Only one of them is allowed. The ones that are not used must be deleted.

Configuration

To use this task, configure the following delegate expression in your service task: 

${dropRelationsParametrizedTask}

The following parameters can be configured in Identity Manager Admin:

Parameter

Mandatory

Value

Description

Parameter

Mandatory

Value

Description

dataPoolName

 

 

Data pool name of the object whose relation shall be removed.

secondDataPoolName

-

 

Only one of these three parameters is allowed to be filled!

Single Drop: Data pool name of the second single object. This object has to be available inside the Process Map.

secondDataPoolNameDropAll

-

Data pool Drop: Name of a Data pool. Relations to all objects belonging to this data pool are removed.

coreTemplateName

-

Core Template Drop: Name of a Core template. Relations to all objects belonging to this template are removed.

objectType

 

 

Deprecated. This parameter has the same meaning as coreTemplateName and is only provided for downgrade compatibility.

relationType

-

 

When configured, only relations of the specified type are removed.

Core Objects: Expiry Check

Description

Use this task to find core objects (for example, soft tokens), that will expire within a given time range.

Configuration

To use this task, configure the following delegate expression in your service task:

 The following parameters can be configured in Identity Manager Admin:

Parameter

Mandatory

Value

Description

Parameter

Mandatory

Value

Description

coreTemplateNameList

 

 

Comma separated list of core template names that shall be the base of the search.

fieldName

 

Example value:

  • ValidTo

Name of the data pool field that indicates the expiration date, for example, ValidTo. The data pool must belong to the core template(s) mentioned above.

offsetInDays

 

Example value:

  • 30 (see also the description to the right)

The offset in days before the related core objects expire.

The base is the field specified by fieldName, for example ValidTo. If you provide a value for offsetInDays, then logically it is

ValidTo - offsetInDays = dateToFindSofttoken

  • If dateToFindSofttokens is still in the future compared to the currentDate, then the soft token will not be found.

  • If dateToFindSofttokens is equal to the current date or if it is in the past, then the soft tokens will be found.

Example:

Expiry date of a soft token is 31st March 2017. If the offsetInDays is set to 30, the service task will only find the soft token with the beginning of 1st March 2017.

coreObjectIdListVariableName

-

Example value:

  • PcmDpCertificate_Coreobjects

  • CoreObject_Ids

Name of the variable containing the core objects that were found during the search. It contains only the core object ids.

Meta_CoreObjectState_Field

 

Example values:

  • Meta_CoreObjectState_PstmDpCertificate

  • Meta_CoreObjectState_BaseDpEmployee

Name of the data pool field that indicates the state of the core object. The data pool must belong to the core template(s) mentioned above.

Meta_CoreObjectState_Value

 

Example values:

  • issued

  • active

  • etc.

The actual state that shall be used for filtering the search.

 

Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions