com.ibm.itim.dataservices.model.policy.recert

Class RecertificationPolicy

  • All Implemented Interfaces:
    Policy, ProtectedObject, com.ibm.itim.util.Sortable, com.ibm.itim.util.xml.objectstream.Importable, java.io.Serializable

    public class RecertificationPolicy
extends ServicePolicy
    This class provides a base implementation for the recertification policy value objects that support the scoping capabilities. If the policy is defined with the advanced workflow, then invoking the get methods related to the workflow specific attribute can return null or will not return a correct value, and the set method related to the workflow specific attribute cannot be used to modify the recertification policy. The recertification policy cannot be searched using the SearchMO object.
    Since:
    ITIM 5.1
    See Also:
    DirectoryPolicy, Serialized Form

    • Field Detail

      • ROLLING_SCHEDULE_MODE

        public static final java.lang.String ROLLING_SCHEDULE_MODE
        This constant specifies the valid value for the scheduling mode attribute when the scheduling mode of the policy is rolling.
        See Also:
        SCHEDULING_MODE_ATTRIBUTE_NAME, Constant Field Values

      • CALENDAR_SCHEDULING_MODE

        public static final java.lang.String CALENDAR_SCHEDULING_MODE
        This constant specifies the valid value for the scheduling mode attribute when the scheduling mode of the policy is Calendar.
        See Also:
        SCHEDULING_MODE_ATTRIBUTE_NAME, Constant Field Values

      • ACCOUNT_TYPE

        public static final java.lang.String ACCOUNT_TYPE
        This constant specifies the valid value for the target type when the target type is Account.
        See Also:
        Constant Field Values

      • ACCESS_TYPE

        public static final java.lang.String ACCESS_TYPE
        This constant specifies the valid value for the target type when the target type is Access.
        See Also:
        Constant Field Values

      • IDENTITY_TYPE

        public static final java.lang.String IDENTITY_TYPE
        This constant specifies the valid value for the target type when the target type is User.
        See Also:
        Constant Field Values

      • APPROVE_TIMEOUT_ACTION

        public static final java.lang.String APPROVE_TIMEOUT_ACTION
        Constant to specify an approval action when the recertification times out. Constant representing a valid value for the timeout action attribute.
        See Also:
        TIMEOUT_ACTION_ATTRIBUTE_NAME, Constant Field Values

      • REJECT_TIMEOUT_ACTION

        public static final java.lang.String REJECT_TIMEOUT_ACTION
        Constant to specify a reject action when the recertification times out. Constant representing a valid value for the timeout action attribute.
        See Also:
        TIMEOUT_ACTION_ATTRIBUTE_NAME, Constant Field Values

      • NO_TIMEOUT_ACTION

        public static final java.lang.String NO_TIMEOUT_ACTION
        Constant to specify a no action when the recertification times out. Constant representing a valid value for the timeout action attribute.
        See Also:
        TIMEOUT_ACTION_ATTRIBUTE_NAME, Constant Field Values

      • MARK_REJECT_ACTION

        public static final java.lang.String MARK_REJECT_ACTION
        Constant to specify a mark action when the recertification is rejected. Constant representing a valid value for the reject action attribute.
        See Also:
        REJECT_ACTION_ATTRIBUTE_NAME, Constant Field Values

      • SUSPEND_REJECT_ACTION

        public static final java.lang.String SUSPEND_REJECT_ACTION
        Constant to specify a suspend action when the recertification is rejected. Constant representing a valid value for the reject action attribute.
        See Also:
        REJECT_ACTION_ATTRIBUTE_NAME, Constant Field Values

      • DELETE_REJECT_ACTION

        public static final java.lang.String DELETE_REJECT_ACTION
        Constant to specify a delete action when the recertification is rejected. Constant representing a valid value for the reject action attribute.
        See Also:
        REJECT_ACTION_ATTRIBUTE_NAME, Constant Field Values

      • ALL_USER_CLASS

        public static final java.lang.String ALL_USER_CLASS
        This constant is used to specify the user type when the user type is ALL. Constant representing a valid value for the user class attribute.
        See Also:
        USER_CLASS_ATTRIBUTE_NAME, Constant Field Values

      • PERSON_USER_CLASS

        public static final java.lang.String PERSON_USER_CLASS
        This constant is used to specify the user type when the user type is PERSON. Constant representing a valid value for the user class attribute.
        See Also:
        USER_CLASS_ATTRIBUTE_NAME, Constant Field Values

      • BPPERSON_USER_CLASS

        public static final java.lang.String BPPERSON_USER_CLASS
        This constant is used to specify the user type when the user type is BPPERSON. Constant representing a valid value for the user class attribute.
        See Also:
        USER_CLASS_ATTRIBUTE_NAME, Constant Field Values

      • DEFAULT_PARTICIPANT_RESPONSE_TIMEOUT

        public static final int DEFAULT_PARTICIPANT_RESPONSE_TIMEOUT
        Default value for the participant response timeout in days.
        See Also:
        Constant Field Values

      • POLICY_ITEM_NAME_ATTRIBUTE_NAME

        public static final java.lang.String POLICY_ITEM_NAME_ATTRIBUTE_NAME
        Constant that specifies the name attribute of the recertification policy.
        See Also:
        Constant Field Values

      • DESCRIPTION_ATTRIBUTE_NAME

        public static final java.lang.String DESCRIPTION_ATTRIBUTE_NAME
        Constant that specifies the description attribute of the recertification policy.
        See Also:
        Constant Field Values

      • ENABLED_ATTRIBUTE_NAME

        public static final java.lang.String ENABLED_ATTRIBUTE_NAME
        Constant that specifies the enabled attribute of the recertification policy.
        See Also:
        Constant Field Values

      • POLICY_TARGET_ATTRIBUTE_NAME

        public static final java.lang.String POLICY_TARGET_ATTRIBUTE_NAME
        Constant that specifies the target attribute of the recertification policy.
        See Also:
        Constant Field Values

      • RECERTIFIER_ATTRIBUTE_NAME

        public static final java.lang.String RECERTIFIER_ATTRIBUTE_NAME
        Constant that specifies the recertifier attribute of the recertification policy.
        See Also:
        Constant Field Values

      • SCHEDULING_MODE_ATTRIBUTE_NAME

        public static final java.lang.String SCHEDULING_MODE_ATTRIBUTE_NAME
        String constant for the scheduling mode attribute name.
        See Also:
        Constant Field Values

      • ROLLING_INTERVAL_ATTRIBUTE_NAME

        public static final java.lang.String ROLLING_INTERVAL_ATTRIBUTE_NAME
        String constant for the rolling interval attribute name.
        See Also:
        Constant Field Values

      • TIMEOUT_ACTION_ATTRIBUTE_NAME

        public static final java.lang.String TIMEOUT_ACTION_ATTRIBUTE_NAME
        String constant for the timeout action attribute name.
        See Also:
        Constant Field Values

      • TIMEOUT_PERIOD_ATTRIBUTE_NAME

        public static final java.lang.String TIMEOUT_PERIOD_ATTRIBUTE_NAME
        String constant for the timeout period attribute name.
        See Also:
        Constant Field Values

      • REJECT_ACTION_ATTRIBUTE_NAME

        public static final java.lang.String REJECT_ACTION_ATTRIBUTE_NAME
        String constant for the reject action attribute name.
        See Also:
        Constant Field Values

      • REJECT_NOTIFTY_ATTRIBUTE_NAME

        public static final java.lang.String REJECT_NOTIFTY_ATTRIBUTE_NAME
        String constant for the reject notification attribute name.
        See Also:
        Constant Field Values

      • USER_CLASS_ATTRIBUTE_NAME

        public static final java.lang.String USER_CLASS_ATTRIBUTE_NAME
        String constant for the user class attribute name.
        See Also:
        Constant Field Values

      • SCHEDULE_ATTRIBUTE_NAME

        public static final java.lang.String SCHEDULE_ATTRIBUTE_NAME
        String constant for the schedule attribute name.
        See Also:
        Constant Field Values

    • Constructor Detail

      • RecertificationPolicy

        public RecertificationPolicy(java.lang.String policyName,
                             int scope,
                             boolean enable,
                             java.lang.String policyType,
                             java.util.Collection<IPolicyTarget> policyTargets,
                             RecurringTimeSchedule schedule,
                             RecertificationParticipant recertifier,
                             java.lang.String userType,
                             int timeOutPeriod,
                             java.lang.String rejectAction,
                             java.lang.String timeoutAction)
        The recertification policy value object constructor. The purpose of this constructor is to provide clients with the ability to create value objects when creating the recertification policy in the data store. Do not use this constructor to create the value objects that represent the existing entities. The default scheduling mode of the policy is the Calendar scheduling mode. Use the setScheduleMode(String scheduleMode) method to change the scheduling mode. The reject notification participant is NONE. Use setRejectionNotificationParticipant( RecertificationParticipant participant) to set the reject notification participant.
        Parameters:
        policyName - Name of the recertification policy.
        scope - Scope of the recertification policy. One level scope or subtree tree level scope. Possible values are
        enable - Boolean variable for the recertification policy status. Policy status can be enabled or disabled.
        policyType - Type of the recertification policy. Possible values are
        policyTargets - Collection of the targets for the policy. The account and access recertification policy must contain a collection of ServiceTarget objects and user recertification policy can contain a collection of ServiceTarget, GroupTarget, and RoleTarget objects. Valid values for the service targets are:
        Recertification Policy Type Valid ServiceTarget Types
        Account (ACCOUNT_TYPE) ServiceTarget.TYPE_SERVICE_NAME
        Access (ACCESS_TYPE) ServiceTarget.TYPE_ACCESS_NAME
        User (IDENTITY_TYPE) ServiceTarget.TYPE_SERVICE_NAME,
        ServiceTarget.TYPE_ALL

        Note : GroupTarget targeting all managed groups on a particular service will not be visible from the user interface if a ServiceTarget targeting the particular service is not in the policy target collection.
        schedule - Calendar schedule to evaluate a recertification policy at a specific date and time.
        recertifier - System users who approves the recertification. Type RecertificationParticipant.TYPE_SERVICE_OWNER is valid for the account and access type recertification policy only. Type RecertificationParticipant.TYPE_ACCESS_OWNER is valid for the access type recertification policy only.
        userType - User type of the recertification policy. Possible values are
        timeOutPeriod - Days until recertification is due.
        rejectAction - Action when recertification is rejected. Possible values are SUSPEND_REJECT_ACTION is not valid reject action for access type recertification policy.
        timeoutAction - Action when recertification is timeout. Possible values are NO_TIMEOUT_ACTION is valid only for user type recertification policy.

      • RecertificationPolicy

        public RecertificationPolicy(java.lang.String policyName,
                             java.lang.String policyType,
                             java.util.Collection<IPolicyTarget> policyTargets,
                             RecertificationParticipant recertifier,
                             java.lang.String rejectAction)
        The recertification policy value object constructor. The purpose of this constructor is to provide the clients with the ability to create value objects when creating the recertification policy in the data store. Do not use this constructor to create the value objects that represent the existing entities. The required attributes (fields) of the recertification policy other than the one specified in the constructor parameter are set to a default value. The default value of the policy attributes can be changed by using the specific methods. The default values set to the recertification policy are:
        Scope of the policy is SUBTREE_SCOPE.
        Policy is enabled.
        Schedule type of the policy is Calendar and evaluation frequency is daily at time 00.00 (12.00 AM).
        Policy applies to all types of users.
        10 Days until the recertification is due.
        When the recertification is overdue, then the default action is to approve the recertification.
        Reject notification participant is NONE.
        Parameters:
        policyName - Name of the recertification policy.
        policyType - Type of the recertification policy. Possible values are
        policyTargets - Collection of the targets for the policy. The account and access recertification policy must contain a collection of ServiceTarget and the user recertification policy can contain a collection of ServiceTarget, GroupTarget and RoleTarget. Valid values for service targets are:
        Recertification Policy Type Valid ServiceTarget Types
        Account (ACCOUNT_TYPE) ServiceTarget.TYPE_SERVICE_NAME
        Access (ACCESS_TYPE) ServiceTarget.TYPE_ACCESS_NAME
        User (IDENTITY_TYPE) ServiceTarget.TYPE_SERVICE_NAME,
        ServiceTarget.TYPE_ALL

        Note : GroupTarget targeting all managed groups on a particular service will not be visible from the user interface if a ServiceTarget targeting the particular service is not in the policy target collection.
        recertifier - System user who approves recertification. Type RecertificationParticipant.TYPE_SERVICE_OWNER is valid for the account and access type recertification policy only. Type RecertificationParticipant.TYPE_ACCESS_OWNER is valid for the access type recertification policy only.
        rejectAction - Action when the recertification is rejected. Possible values are SUSPEND_REJECT_ACTION is not valid reject action for access type recertification policy.

    • Method Detail

      • getType

        public java.lang.String getType()
        Returns the target type of the recertification policy.
        Returns:
        the target type of the recertification policy.

      • isCustomWorkflow

        public boolean isCustomWorkflow()
        Returns a value for the erIsCustom attribute.
        Returns:
        true if the policy is defined with the advanced configuration mode from the user interface, otherwise false.

      • setRecertificationParticipant

        public void setRecertificationParticipant(RecertificationParticipant recertifier)
        Sets or changes the recertification policy participants.
        Type RecertificationParticipant.TYPE_SERVICE_OWNER is valid for the account and access type recertification policy only. Type RecertificationParticipant.TYPE_ACCESS_OWNER is valid for the access type recertification policy only. If the recertification policy is defined with the advanced workflow (method isCustomWorkflow() returns true), then the participant value set to the recertification policy object is ignored during the policy modification.
        Parameters:
        recertifier - Recertification policy participant.

      • getRecertificationParticipant

        public RecertificationParticipant getRecertificationParticipant()
        Returns the recertification participants of the policy. If the recertification policy is defined with the advanced workflow (method isCustomWorkflow() returns true), then this method might not return a correct value or it returns null.
        Returns:
        Recertification participant.

      • setScheduleMode

        public void setScheduleMode(java.lang.String scheduleMode)
        Sets or changes the schedule mode of the recertification policy. Possible values are ROLLING_SCHEDULE_MODE is valid for the account and user type recertification policy.
        Parameters:
        scheduleMode - Schedule mode of the recertification policy.

      • getScheduleMode

        public java.lang.String getScheduleMode()
        Returns the scheduling mode of the recertification policy.
        Returns:
        The scheduling mode of the recertification policy.

      • setRollingInterval

        public void setRollingInterval(int interval)
        Sets or changes the rolling interval of the recertification policy in days.
        Parameters:
        interval - Rolling interval of the recertification policy in days.

      • getRollingInterval

        public int getRollingInterval()
        Returns a rolling interval of the recertification policy in days.
        Returns:
        A rolling interval of the recertification policy in days.

      • setTimeoutAction

        public void setTimeoutAction(java.lang.String timeoutAction)
        Sets or changes the action when the recertification todo times out. Possible values are NO_TIMEOUT_ACTION is valid only for user type recertification policy. If the recertification policy is defined with the advance workflow (method isCustomWorkflow() returns true), then the timeout action value set to the recertification policy object is ignored during the policy modification.
        Parameters:
        timeoutAction - Action when recertification is timeout.

      • getTimeoutAction

        public java.lang.String getTimeoutAction()
        Returns an action when the recertification is timeout. If the recertification policy is defined with the advanced workflow isCustomWorkflow() returns true), then this method might not return a correct value or it returns null.
        Returns:
        Action when recertification is timeout.

      • setTimeoutPeriod

        public void setTimeoutPeriod(int period)
        Sets or changes the timeout period of the recertification in days. If the recertification policy is defined with the advanced workflow (method isCustomWorkflow() returns true), then the timeout period value set to the recertification policy object is ignored during the policy modification.
        Parameters:
        period - Timeout period of the recertification in days.

      • getTimeoutPeriod

        public int getTimeoutPeriod()
        Returns the timeout period of the recertification in days. If the recertification policy is defined with the advanced workflow (method isCustomWorkflow() returns true), then this method might not return a correct value.
        Returns:
        Timeout period of the recertification in days.

      • setRejectAction

        public void setRejectAction(java.lang.String rejectAction)
        Sets or changes the action on the target entities when the recertification is rejected. Possible values are SUSPEND_REJECT_ACTION is not valid reject action for access type recertification policy.
        If the recertification policy is defined with the advance workflow (method isCustomWorkflow() returns true), then the reject action value set to the recertification policy object is ignored during the policy modification.
        Parameters:
        rejectAction - Action when recertification is rejected.

      • getRejectAction

        public java.lang.String getRejectAction()
        Returns action when the recertification is rejected. If the recertification policy is defined with the advanced workflow (method isCustomWorkflow() returns true), then this method might not return a correct value or it returns null.
        Returns:
        action when recertification is rejected.

      • setRejectionNotificationParticipant

        public void setRejectionNotificationParticipant(RecertificationParticipant participant)
        Sets or changes the recertification rejection e-mail participants. Type RecertificationParticipant.TYPE_SERVICE_OWNER is valid for the account and access type recertification policy only. Type RecertificationParticipant.TYPE_ACCESS_OWNER is valid for the access type recertification policy only. If the recertification policy is defined with the advance workflow (method isCustomWorkflow() returns true), then the participant value set to the recertification policy object is ignored during the policy modification.
        Parameters:
        recertifier - Recertification rejection e-mail participant.

      • getRejectionNotificationParticipant

        public RecertificationParticipant getRejectionNotificationParticipant()
        Returns the recertification rejection e-mail participants of the policy. If the recertification policy is defined with the advance workflow (method isCustomWorkflow() returns true), then this method might not return a correct value or it returns null.
        Returns:
        recertification rejection e-mail participants of the policy.

      • setUserClass

        public void setUserClass(java.lang.String ownerPersonClass)
        Sets or changes the target users of the recertification policy. Possible values are
        Parameters:
        ownerPersonClass - Target users of the recertification policy.

      • getUserClass

        public java.lang.String getUserClass()
        Returns the target users of the recertification policy.
        Returns:
        Target users of the recertification policy.

      • setSchedule

        public void setSchedule(RecurringTimeSchedule schedule)
        Sets or changes the schedule of the recertification policy. The recertification policy execution is always scheduled according to the server time zone. The time zone of the remote client, where the recertification policy object is created or time zone explicitly set to the recertification policy schedule does not work.
        Parameters:
        schedule - Schedule of the recertification policy.

      • getSchedule

        public RecurringTimeSchedule getSchedule()
        Returns schedule of the recertification policy.
        Returns:
        schedule of the recertification policy.

      • getTargets

        public java.util.Collection<IPolicyTarget> getTargets()
        Returns the value of the Targets attribute.
        Overrides:
        getTargets in class ServicePolicy
        Returns:
        the current value (a collection of IPolicyTarget objects) of the Targets attribute.

      • equals

        public boolean equals(java.lang.Object policy)
        Compares the given object with this RecertificationPolicy object for equality. Returns true if the specified object is also an instance RecertificationPolicy, and both RecertificationPolicy have the same DN, name, and description.
        Overrides:
        equals in class java.lang.Object
        Parameters:
        policy - the object to be compared for equality with this RecertificationPolicy.
        Returns:
        true if the specified object is equal to this RecertificationPolicy.
        See Also:
        Object.equals(java.lang.Object)
Skip navigation links