OIM API's run with logged-in users context and not the Admin user context but there are situations where this logged-in user may not have enough capabilities to perform our desired operations.
In such cases We can add below steps and perform our code to run in Admin context... FYI I have used this in the request Data Validator for one of our requirement.
String ContextUserbeforeUpdate=ContextManager.getOIMUser();
System.out.println("Context OIM user Before Updating with Admin Context: " +ContextManager.getOIMUser());
HashMap<String,String> map = new HashMap<String,String>();
map.put(UserManagerConstants.AttributeName.USER_KEY.getId(), "1");//Passing the User Key of XELSYSADM i.e. 1 , need to pass it as hardcoded as existing context User is not having the search capability to get this key based on Login(XELSYSADM) but anyhow 1 is usrkey for XELSYSADM always.
ContextManager.setOIMUser("XELSYSADM");
ContextManager.setUserDetails(map); //Sets the Context Details with XELSYSADM Details
ContextManager.pushContext(null, ContextManager.ContextTypes.ADMIN, "");
System.out.println("Context OIM user after setting with Admin Context: " +ContextManager.getOIMUser());
//Perform your operations start ------
RoleManager roleManager= Platform.getService(RoleManager.class);
Set<String> retKey = new HashSet<String>();
SearchCriteria criteria;
criteria = new SearchCriteria(RoleAttributeName.NAME.getId(), roleName, SearchCriteria.Operator.EQUAL);
List<Role> role=roleManager.search(criteria, retKey, null);
//Perform your operations end -------
ContextManager.popContext();
System.out.println("Context OIM user after popup: " +ContextManager.getOIMUser());
ContextManager.setOIMUser(ContextUserbeforeUpdate);
System.out.println("Context All Values after Setting Back the User: "+ContextManager.getAllValuesFromCurrentContext());
System.out.println("Context OIM user after Setting Back the User: " +ContextManager.getOIMUser());
No comments:
Post a Comment