EndUserRuleLibrary (Oracle Waveset 8.1.1 Deployment Reference)

Oracle Waveset 8.1.1 Deployment Reference

EndUserRuleLibrary

The EndUserRuleLibrary is a default library of rules that Waveset uses to determine or to verify end-user account information.

Note –

By default, Waveset’s End User Anonymous Enrollment processing generates values for accountId and emailAddress by using user-supplied first names (firstName), last names (lastName) and employee IDs (employeeID). Anonymous enrollment can cause non-ASCII characters to display in email addresses and account IDs.

To ensure that Waveset maintains ASCII accountIds and email addresses during anonymous enrollment processing, international users must perform these steps:

To Use EndUserRuleLibrary in Localized Environments

Modify the following EndUserRuleLibrary rules:
- getAccountId: Remove firstName, lastName, and letter substr. Use employeeId only.
  - getEmailAddress: Remove firstName, lastName, and "." Use employeeId only.
  - verifyFirstname: Change length check from 2 to 1 to allow single character Asian first names.

Edit the End User Anon Enrollment Completion form to remove the firstName and lastName arguments from calls to the getAccountId and getEmailAddress rules.

Note –

This library is displayed as the EndUserRuleLibrary library object in the Identity Manager IDE.

Inputs:

See EndUserRuleLibrary and EndUserRuleLibrary.

You must specify the following for a custom EndUserLibrary rule:

AuthType	`EndUserLibrary`
SubType	Not specified

The following table describes the example EndUserRuleLibrary rules.

Rule	Input Variable	Description
`getCallerSession`	None	Returns the internal session context (Lighthouse context) for the user executing a form.
`getUserView`	`resourceTargets` list `accountId` string `includeAvailableRoleInfos` boolean	Returns the User view of the specified accountId, including a list of resource targets, and whether or not to include Role information.
`getView`	`nameOrId` string `type` string `options` map	Returns a view of an object specified by the name or GUID, type of object, and a map of options.
`getUnassignedResources`	`roles` list `currentResources` list `groups` list	Determines which resources are currently unassigned.
`getDirectReports`	`manager` string `options` map	Returns a list of direct reports for a specified manager. For example, a list of users whose `idmManager` attribute is specified by the `manager` input variable.
`getIndirectReports`	`manager` string `options` map	Returns a list of indirect reports for a specified manager. For example, a list of users who are in the reporting structure of the user specified by the `manager` input variable, excluding direct reports.
`getResourceObjectParentId`	`resourceName` string `resObjectName` string `objType` string `objAttr` string	Returns a GenericObject of the parent of a resource specified by the name, object type, and object attribute.
`getObjectsByType`	`type` string `attributeVal` string `attributeName` string	Returns a list of GenericObjects specified by type and that match the `attributeName=attributeVal` condition.
`getRealName`	`accountId` string `addAccountId` boolean	Determines a user’s “real name,” such as FirstName <space> LastName, when an `accountId` has been provided. If the `addAccountId` argument is `true`, Waveset returns the `FirstName LastName (accountId)` string. If the `FirstName` or `LastName` attributes cannot be determined, the rule returns just the `accountId`. NOTES: You can easily modify this rule if you want the real name to display as `LastName`, `FirstName`. The user must have the appropriate permissions to be able to search for other users.

The next table describes the example EndUserRuleLibrary rules used for anonymous enrollment.

`getAccountId`	`firstName` string `lastName` string `employeeId` string	Generates an account ID from the first name, last name, and employee ID. `First initial + last intial + employee ID` Note: International users must modify this rule to ensure that Waveset maintains ASCII accountIds and email addresses during anonymous enrollment processing.
`getEmailAddress`	`firstName` string `lastName` string `emailDomain` string	Generates an email address from the first name, last name, and email domain provided. `firstname.lastname@emailDomain` Note: International users must modify this rule to ensure that Waveset maintains ASCII accountIds and email addresses during anonymous enrollment processing.
`getIdmManager`	`employeeId` string	Returns the account ID of the Waveset manager associated with an employee ID for a user being created. You must customize this rule for your deployment environment. (Default is configurator.)
`getOrganization`	None	Returns the name of the organization to which a user will be assigned. You must customize this rule for your deployment environment. (Default is Top.)
`runValidation`	None	Invokes `verifyFirstname`, `verifyLastname`, `verifyEmployeeId`, and `verifyEligibility` rules.
`verifyFirstname`	`firstName` string	Validates the first name provided by a user for the End User Anonymous Enrollment process. This sample rule verifies a first name is not null. You must customize this rule for your deployment environment. Note: International users must modify this rule to ensure that Waveset maintains ASCII accountIds and email addresses during anonymous enrollment processing.
`verifyLastname`	`lastName` string	Validates the last name provided by a user for the End User Anonymous Enrollment process. This sample rule verifies a last name is not null. You must customize this rule for your deployment environment.
`verifyEmployeeId`	`employeeId` string	Validates the employee ID provided by a user for the End User Anonymous Enrollment process. This sample rule verifies that an employee ID is valid. You must customize this rule for your deployment environment.
`verifyEligibility`	`firstName` string `lastName` string `employeeId` string	Can be used to validate the employee ID provided by a user for the End User Anonymous Enrollment process. This rule must be customized for deployment.