IdentityMinder BLTHContext::getGroupAdmins() doesn't work as expected (Legacy_Onyx KB Id: 215183)
search cancel

IdentityMinder BLTHContext::getGroupAdmins() doesn't work as expected (Legacy_Onyx KB Id: 215183)

book

Article ID: 55002

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal

Issue/Introduction

You would like to make sure that a group has atleast one administrator. For example, an administrator goes into Modify Group task and removes all the Administrators from the list. You would like to give out an error when this happens and stop the administrator from deleting all the administrators from the group.

Following is the code of BLTH to accomplish this. It is based on the BLTHGroupSample.java (that works correctly) which limits the number of members added to a group to 10.

package com.netegrity.samples;

import com.netegrity.ims.exception.IMSException;
import com.netegrity.llsdk6.imsapi.managedobject.*;
import com.netegrity.imapi.BLTHAdapter;
import com.netegrity.imapi.BLTHContext;
import com.netegrity.imapi.ResultsContainer;
import com.netegrity.llsdk6.imsapi.type.ObjectType;
import com.netegrity.llsdk6.imsapi.type.ActionType;
import java.util.Vector;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.FileWriter;

public class BLTHGeneCheckGroup extends BLTHAdapter
{

public boolean shouldExecute(BLTHContext context) throws Exception
{
if ((context.getTSContext().getTask().getActionType()==ActionType.MODIFY &&
context.getTSContext().getSubject().getObjectType() == ObjectType.GROUP))
{
return true;
}

return false;
}


public int handleTask(BLTHContext context) throws Exception
{
ResultsContainer groupAdmins = context.getGroupAdmins();
try
{
BufferedWriter out = new BufferedWriter(new FileWriter("/tmp/idmerr.log", true));
out.write( "
Current Values: " + groupAdmins.getCurrentValues().size() + ", Additions: " + groupAdmins.getAdditions().size() + ", Deletions: " + groupAdmins.getDeletions().size() + ", New Current Values: " + groupAdmins.getNewCurrentValues().size() );
out.close();
} catch (IOException e)
{
IMSException imsEx = new IMSException();
imsEx.addUserMessage("Error: Cannot open log file.");
throw imsEx;
}
/*if ( ( groupAdmins.getCurrentValues().size() + groupAdmins.getAdditions().size() - groupAdmins.getDeletions().size() ) < 1 )
{
IMSException imsEx = new IMSException();
imsEx.addUserMessage("Error: Group must contain at least one owner.");
throw imsEx;}*/

return 0;
}
}

Following is the debug output if the administrator goes in and adds 2 administrators removes one administrator in a group that already contains 5 administrators:

Current Values: 5, Additions: 0, Deletions: 0, New Current Values: 0

As you can see, groupAdmins.getCurrentValues().size() returns 5 which is correct. However, Additions returns 0 (should be 2), Deletion returns 0 (should be 1) and New Current Values returns 0 (should be 6).

You have spent quite some time and cannot figure out why it is behaving like this.

 

Environment

Release:
Component: IDMIND

Resolution

You can get this functionality to work with the GroupGroupsTabHandler class in the ims.jar.