• State Not Answered
  • Replies 2 replies
  • Subscribers 94 subscribers
  • Views 171 views
  • Users 0 members are here
Options
Related

Updating a person in a deferred fashion

pavelekmarek
1 month ago

Hello, 

I am using Open Identity Manager 9.2 and would like to ask you how should I proceed with the use case where I need to create a deferred object instead of updating a Person on a Web Portal (PUT /portal/person/reports/interactive) report when updating specific properties - for example only when I am updating Surname it should create a deferred update instead of hard update but when im updating First Name it should just execute. The deferred object is wired to a custom approval process that is already implemented on our side.

What Ive tried to do was a custom API Plugin but Im not sure if its a correct way because still someone can call the PUT /portal/person/reports/interactive and just update all of the properties. Also I cannot find any documentation related to the custom API C# methods.

  • 0 1 month ago

    Hi Pavelek,

    Is the switch from a 'normal' save to a 'deferred' save something you want to be web portal / API specific? Or do you actually want saves on these fields (such as Surname) to always be turned into a deferred update / deferred operation regardless of where they come from?

    If the later is the case you could consider adding a script / check to the 'onSaving' script of the person so that any saves done on certain columns of that table actually call a script which creates a deferred operation with the update you want.

    In the onSaving afterall you have the option to see what is being changed (the old and the new value), what column is being changed and to execute a script to create the deferred Operation (and not actually update the value).

    It's not going to be the simplest script, but by putting it on the onSaving you would have a nice 'generic' option for all saves happening on these fields. Would that possibly work?

  • 0 1 month ago in reply to $parentForumReply.Author.DisplayName

    Hi Pavel,

    If it should always save as a deferred update then I'd certainly go with the 'OnSaving' script, that way whatever method someone uses (API, Process in the designer, Manager tool) your rules will be enforced and your flow will be kicked off.

    Some pointers for the script (without knowing all the details);

    You can get the old value in an 'onSaving' script by using [O]  brackets; So as an example;

    If ($ExtensionAttribute1[o]$ = "Main" Andalso $ExtensionAttribute1:Text$ = "Test") will validate that the value in ExtensionAttribute1 was main and is being updated to 'Test'

    Why is this useful? You'll see later on in the deferred operations you need the old value when you're storing a deferredOperation.

    Deferred operations are stored in the table DialogDeferredOperations. As they're encrypted by default they can be somewhat hard to figure out, but if you decode one you'll see the format you need to enter (especially for the object state) is as follows;

    Key Value (mandatory) Description

    ObjectKey

    		 <Key><T>[TABLE]</T><P>[UID]</P></Key> This is the XObjectKey referring to the object (a person most likely) you want to update
    Description [Enter the description you want shown on the deferred operation here] This description will appear on the deferred operation

    DisplayValue

    		 [The display value you want] Pick the value you want
    ObjectState <Patch Display="[Same as Display value]"><Key><T>[Table]</T><P>[UID]</P></Key><Diff><Data State="Loaded, PermissionBased" /><Op Columnname="Enabled" Type="Value" ValType="Bool" AlreadyApplied="True"><OldValue>[Old Value]</OldValue><Value>[New value]</Value></Op></Diff></Patch> The object state you want to change. These are likely encrypted (they are by default) but the value you should enter is of the following format. Be aware you will want to update things like 'ValType' depending on the column you're updating

    Operation

    Change object

    		 This indicates the action of the operation.

    TargetDate

    		 10/28/2023 5:00:00 AM Enter the target date for the deferred operation to start, eg. saturday morning at 05:00am

    So a very rough outline of how you could proceed (made quickly off the top of my head, implementing this you'll probably run into some small tweaks);

    -Make an onSaving script on the person table that checks whether the column that is being updated is one of your 'special' columns.

    -If it is, check whether the updating process is a deferredOperation (then, after all, the update should go through).

    -If it's not a deferredOperation, check whether there is a change in the value. If there isn't no update / deferred Operation is needed.

    -If it's not a deferredOperation, call a script (or put it in the onSaving script to create the deferred operation. I'd personally make a generic 'Create deferred Operation' function with parameters such as the object key, old value, new value, etc passed in)

    -After the deferredOperation is succesfully created, revert the saved value back to the 'old' value (as you don't want the change to be executed now).

    -As after the revert old value = new value there should be no change and as such if it does trigger a new save (depending on how you set it up) it should be fine.

    Hopefully this helps, goodluck getting this configured! Hoping it'll work as planned :).