{"id":11030,"date":"2015-11-12T14:35:47","date_gmt":"2015-11-12T19:35:47","guid":{"rendered":"http:\/\/jianmingli.com\/wp\/?p=11030"},"modified":"2015-11-16T15:04:03","modified_gmt":"2015-11-16T20:04:03","slug":"sun-idm-8-1-rules","status":"publish","type":"post","link":"https:\/\/jianmingli.com\/wp\/?p=11030","title":{"rendered":"Sun IDM 8.1: Rules"},"content":{"rendered":"<div class='toc wptoc'>\n<h2>Contents<\/h2>\n<ol class='toc-odd level-1'>\n\t<li>\n\t\t<a href=\"#Overview\">Overview<\/a>\n\t\t<ol class='toc-even level-2'>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Whats_the_Rule\">What's the Rule<\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Returning_Static_Values\">Returning Static Values<\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Referencing_Variables\">Referencing Variables<\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Declare_Rule_Arguments\">Declare Rule Arguments<\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Assign_Values_to_External_Variables_in_Rules\">Assign Values to External Variables in Rules<\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Wrap_JavaScript_in_Rules\">Wrap JavaScript in Rules<\/a>\n\t\t\t<\/li>\n\t\t<\/ol>\n\t<li>\n\t\t<a href=\"#Referencing_Rules\">Referencing Rules<\/a>\n\t\t<ol class='toc-even level-2'>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Basic_Syntax\">Basic Syntax<\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Invoking_Rules_in_a_Library\">Invoking Rules in a Library<\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Ensure_Explicit_Rule_Arguments\">Ensure Explicit Rule Arguments<\/a>\n\t\t\t<\/li>\n\t\t<\/ol>\n\t<li>\n\t\t<a href=\"#Secure_Rules\">Secure Rules<\/a>\n\t\t<ol class='toc-even level-2'>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Put_Rules_in_an_Appropriate_Org\">Put Rules in an Appropriate Org<\/a>\n\t\t\t<\/li>\n\t\t\t<li>\n\t\t\t\t<a href=\"#Use_Authorization_Types_to_Secure_Rules\"><a href=\"https:\/\/docs.oracle.com\/cd\/E19225-01\/820-5822\/byayr\/index.html\">Use Authorization Types to Secure Rules<\/a><\/a>\n\t\t\t<\/li>\n\t\t<\/ol>\n\t<li>\n\t\t<a href=\"#Identity_Manager_Default_Rules\">Identity Manager Default Rules<\/a>\n\t<\/li>\n\t<li>\n\t\t<a href=\"#References\">References<\/a>\n\t<\/li>\n<\/ol>\n<\/ol>\n<\/div>\n<div class='wptoc-end'>&nbsp;<\/div>\n<span id=\"Overview\"><h2>Overview<\/h2><\/span>\n<span id=\"What8217s_the_Rule\"><h3>What&#8217;s the Rule<\/h3><\/span>\n<p>* Rule is similar to Java methods:<br \/>\n&#8211; can take input parameters<br \/>\n&#8211; can return a value<br \/>\n* Rule can be written in following languages:<br \/>\n&#8211; XPRESS<br \/>\n&#8211; XML Object<br \/>\n&#8211; JavaScript<br \/>\n* Rule can also reference and modify variables maintained by a form or workflow.<br \/>\n&#8211; You can use <em>localScope=&#8221;true&#8221;<\/em> to disallow this behavior.<br \/>\n* Rule can be referenced wherever XPRESS is allowed:<br \/>\n&#8211; Forms<br \/>\n&#8211; Workflows<br \/>\n&#8211; Roles: Use a role-assignment rule to dynamically assign owners and approvers to a role.<br \/>\n&#8211; Active Sync: Use Process or Correction rules to control what happens when an Active Sync-enabled adapter detects changes to a resource account.<br \/>\n&#8211; Reconciliation: Use special rule subtypes (such as confirmation and correlation rules) during reconciliation.<br \/>\n* For moralization, multiple rules can be organized into a <em>Rule Library<\/em> which is a single XML configuration object.<\/p>\n<span id=\"Returning_Static_Values\"><h3>Returning Static Values<\/h3><\/span>\n<p>* You can use XML Object syntax:<\/p>\n<pre lang=\"xml\">\r\n<Rule name='UnixHostList'>\r\n\t<List>\r\n\t\t<String>aas<\/String>\r\n\t\t<String>ablox<\/String>\r\n\t\t<String>aboupdt<\/String>\r\n\t<\/List>\r\n<\/Rule>\r\n<\/pre>\n<span id=\"Referencing_Variables\"><h3>Referencing Variables<\/h3><\/span>\n<p>* Use &lt;ref&gt; expression<\/p>\n<pre lang=\"xml\">\r\n<Rule name='Build Email'> \r\n   <concat> \r\n      <substr> \r\n         <ref>global.firstname<\/ref> \r\n         <i>0<\/i> \r\n         <i>1<\/i> \r\n      <\/substr> \r\n      <ref>global.lastname<\/ref> \r\n      <s>@example.com<\/s> \r\n   <\/concat> \r\n<\/Rule>\r\n<\/pre>\n<span id=\"Declare_Rule_Arguments\"><h3>Declare Rule Arguments<\/h3><\/span>\n<p>* Rule arguments:<br \/>\n&#8211; promotes reuse<br \/>\n&#8211; helps rule development<br \/>\n* Use <em>&lt;RuleArgument&gt;<\/em> to declare rule arguments:<br \/>\n&#8211; Use <em>value <\/em>attribute to specify default value.<\/p>\n<pre lang=\"xml\">\r\n<Rule name='description'> \r\n   <RuleArgument name='UserId'\/> \r\n   <RuleArgument name='location' value='Austin'\/> \r\n   <concat> \r\n      <ref>UserId<\/ref> \r\n      <s>@<\/s> \r\n      <ref>location<\/ref> \r\n   <\/concat> \r\n<\/Rule>\r\n<\/pre>\n<p>* Pass in rule argument values:<\/p>\n<pre lang=\"xml\">\r\n<rule name='description'> \r\n   <argument name='UserId' value='$(waveset.accountId)'\/> \r\n   <argument name='location' value='global.location'\/> \r\n<\/rule>\r\n<\/pre>\n<p>* You can lock argument default value with <em>locked <\/em>attribute:<\/p>\n<pre lang=\"xml\">\r\n<RuleArgument name='domain' value='example.com' locked='true'> \r\n  <Comments>The corporate domain name<\/Comments> \r\n<\/RuleArgument> \r\n<\/pre>\n<span id=\"Assign_Values_to_External_Variables_in_Rules\"><h3>Assign Values to External Variables in Rules<\/h3><\/span>\n<p>* Similar to assign values to class variables in Java classes<br \/>\n* You can use following expressions to assign values:<br \/>\n<em>&lt;setvar&gt;<br \/>\n&lt;setlist&gt;<br \/>\n&lt;putmap&gt;<\/em><\/p>\n<span id=\"Wrap_JavaScript_in_Rules\"><h3>Wrap JavaScript in Rules<\/h3><\/span>\n<pre lang=\"xml\">\r\n<Rule name='Build Email'> \r\n   <script> var firstname = env.get('firstname'); var lastname = env.get('lastname'); \r\nvar email = firstname.substring(0, 1) + lastname + \"@example.com\"; email; <\/script> \r\n<\/Rule>\r\n<\/pre>\n<span id=\"Referencing_Rules\"><h2>Referencing Rules<\/h2><\/span>\n<span id=\"Basic_Syntax\"><h3>Basic Syntax<\/h3><\/span>\n<p>* Examples:<\/p>\n<pre lang=\"xml\">\r\n<rule name='Build Email'\/>\r\n\r\n<rule name='getEmployeeId'>\r\n    <argument name='accountId' value='jsmith'\/>\r\n<\/rule>\r\n\r\n<rule name='getEmployeeId'>\r\n    <argument name='accountId'>\r\n       <ref>user.waveset.accountId<\/ref>\r\n    <\/argument>\r\n<\/rule>\r\n\r\n<rule name='getEmployeeId'>\r\n    <argument name='accountId' value='$(user.waveset.accountId)'\/>\r\n<\/rule>\r\n<\/pre>\n<span id=\"Invoking_Rules_in_a_Library\"><h3>Invoking Rules in a Library<\/h3><\/span>\n<p>* Prefix rule library with colon:<\/p>\n<pre lang=\"xml\">\r\n<rule name='Account ID Rules:First Dot Last'\/>\r\n<\/pre>\n<span id=\"Ensure_Explicit_Rule_Arguments\"><h3>Ensure Explicit Rule Arguments<\/h3><\/span>\n<p>* Use <em>localScope=&#8217;true&#8217;<\/em> to restrict that rules can only reference values that are passed in explicitly as arguments<\/p>\n<pre lang=\"xml\">\r\n<Rule name='generateEmail' localScope='true'> \r\n   <RuleArgument name='firstname'> \r\n      <Comments>The first name of a user<\/Comments> \r\n   <\/RuleArgument> \r\n   <RuleArgument name='lastname'> \r\n      <Comments>The last name of a user<\/Comments> \r\n   <\/RuleArgument> \r\n   <RuleArgument name='domain' value='example.com'> \r\n      <Comments>The corporate domain name<\/Comments> \r\n   <\/RuleArgument> \r\n   <concat> \r\n      <ref>firstname<\/ref> \r\n      <s>.<\/s> <em>\r\n      <ref>lastname<\/ref> \r\n      <s>@<\/s> \r\n      <ref>domain<\/ref> \r\n   <\/concat> \r\n<\/Rule>\r\n<\/pre>\n<span id=\"Secure_Rules\"><h2>Secure Rules<\/h2><\/span>\n<span id=\"Put_Rules_in_an_Appropriate_Org\"><h3>Put Rules in an Appropriate Org<\/h3><\/span>\n<span id=\"Use_Authorization_Types_to_Secure_Rules\"><h3><a href=\"https:\/\/docs.oracle.com\/cd\/E19225-01\/820-5822\/byayr\/index.html\">Use Authorization Types to Secure Rules<\/a><\/h3><\/span>\n<p>* Define a new authorization type in the <em>AuthorizationTypes <\/em>configuration object, e.g.<\/p>\n<pre lang=\"xml\">\r\n<AuthType name='Marketing Rule' extends='Rule'\/>\r\n<\/pre>\n<p>* Define a new AdminGroup Capability Definition:<\/p>\n<pre lang=\"xml\">\r\n<AdminGroup name='Marketing Admin'>\r\n  <Permissions>\r\n    <Permission type='Marketing Rule' rights='View,List,Connect,Disconnect'\/>\r\n  <\/Permissions>\r\n  <AdminGroups>\r\n    <ObjectRef type='AdminGroup' id='#ID#Account Administrator'\/>\r\n  <\/AdminGroups>\r\n<\/AdminGroup>\r\n<\/pre>\n<p>* Secure rule:<\/p>\n<pre lang=\"xml\">\r\n<Rule name='Competitive Analysis Info' authType='Marketing Rule'>\r\n ...\r\n<\/Rule>\r\n<\/pre>\n<span id=\"Identity_Manager_Default_Rules\"><h2>Identity Manager Default Rules<\/h2><\/span>\n<p>* <a href=\"https:\/\/docs.oracle.com\/cd\/E19225-01\/820-5821\/bvbml\/index.html\">Identity Manager Rules<\/a><br \/>\n* <a href=\"https:\/\/docs.oracle.com\/cd\/E19225-01\/820-5821\/bvboy\/index.html\">Auditor Rules<\/a><br \/>\n* <a href=\"https:\/\/docs.oracle.com\/cd\/E19225-01\/820-5821\/bvbpk\/index.html\">Audit Policy Rules<\/a><br \/>\n* <a href=\"https:\/\/docs.oracle.com\/cd\/E19225-01\/820-5821\/bvbpl\/index.html\">Service Provider Rules<\/a><\/p>\n<span id=\"References\"><h2>References<\/h2><\/span>\n<p>* <a href=\"https:\/\/docs.oracle.com\/cd\/E19225-01\/820-5821\/bvblc\/index.html\">Chapter 4 Working with Rules<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview What&#8217;s the Rule * Rule is similar to Java methods: &#8211; can take input parameters &#8211; can return a value * Rule can be written in following languages: &#8211; XPRESS &#8211; XML Object &#8211; JavaScript * Rule can also &hellip; <a href=\"https:\/\/jianmingli.com\/wp\/?p=11030\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[530],"tags":[143,651],"class_list":["post-11030","post","type-post","status-publish","format-standard","hentry","category-sunidm","tag-rules","tag-sunidm"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p8cRUO-2RU","_links":{"self":[{"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/posts\/11030","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=11030"}],"version-history":[{"count":9,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/posts\/11030\/revisions"}],"predecessor-version":[{"id":11047,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/posts\/11030\/revisions\/11047"}],"wp:attachment":[{"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=11030"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=11030"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=11030"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}