Topic
IC4NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
2 replies Latest Post - ‏2014-06-02T13:55:56Z by ioannis.kakavas
ioannis.kakavas
ioannis.kakavas
84 Posts
ACCEPTED ANSWER

Pinned topic ISIM WS API - Remove static role

‏2014-06-02T08:46:20Z |

Hello, 

I have a use case where I need to delete a role ( remove the actual role definition, not remove a role from a person) programmatically. Looking at the WSRoleService, I don't see an exposed method for this and my initial idea is to do the following : 

1) Get the role object by a filtered search

2) Search all the persons that have the role so that I can remove the role from them. This will trigger all applying PPs to deprovision entitlements. 

3) Get all PP policies that have this role as member role and :

            a) modify them to remove the member role if the role is one of many

            b) remove the PP entirely if the role to be deleted is the only member

4) Remove the role from the LDAP directly ( as there is no exposed way to do this via the APIs) 

 

Does anyone see any flaw in the logic or anything else that should be taken into consideration ?

  • goonitsupport
    goonitsupport
    99 Posts
    ACCEPTED ANSWER

    Re: ISIM WS API - Remove static role

    ‏2014-06-02T13:50:40Z  in response to ioannis.kakavas

    Assuming that the role isn't part of any workflow, ownership, participant or role hierarchy you should be ok ;-)

    Be careful!

    • ioannis.kakavas
      ioannis.kakavas
      84 Posts
      ACCEPTED ANSWER

      Re: ISIM WS API - Remove static role

      ‏2014-06-02T13:55:56Z  in response to goonitsupport

      Hi !

      Thanks for the pointers. I can verify that there is no Role Hierarchy in place and that we don't use static assignments in operational workflows ( approvers etc ) . I ll continue with testing and see if something comes up that I didnt think of . 

      Thanks again !