{
  "id": "UserCreateEventWithCatalogLookup",
  "name": "UserCreateEventWithCatalogLookup",
  "displayName": "User Create Event Workflow - Catalog Lookup",
  "description": "Workflow to be used to request items when a user is created",
  "type": "provisioning",
  "_rev": 0,
  "steps": [
    {
      "name": "scriptTask-756b3b023622",
      "displayName": "Submit Request for Roles",
      "type": "scriptTask",
      "scriptTask": {
        "nextStep": [
          {
            "condition": "true",
            "outcome": "done",
            "step": null
          }
        ],
        "language": "javascript",
        "script": "logger.info(\"Running user create event role workflow\");\n\nvar content = execution.getVariables();\nvar requestId = content.get('id');\nvar failureReason = null;\nvar userObj = null;\nvar userId = null;\n\n// Read event user information from request object\ntry {\n  var requestObj = openidm.action('iga/governance/requests/' + requestId, 'GET', {}, {});\n  userObj = requestObj.request.common.blob.after;\n  userId = userObj.userId;\n}\ncatch (e) {\n  failureReason = \"Validation failed: Error reading request with id \" + requestId;\n}\n\n// Define roles to request\nvar roleNames = [ \"Data Analyst\", \"Security\" ];\n\n// Look up roles in catalog\nvar operand = [];\nfor (var index in roleNames) {\n  operand.push({operator: \"EQUALS\", operand: { targetName: \"role.name\", targetValue: roleNames[index] }})\n}\nvar body = { targetFilter: {operator: \"OR\", operand: operand}};\nvar catalog = openidm.action(\"iga/governance/catalog/search\", \"POST\", body);\nvar catalogResults = catalog.result;\n\n// Define request catalogs key\nvar catalogBody = [];\nfor (var idx in catalogResults) {\n  var catalog = catalogResults[idx];\n  catalogBody.push({type: \"role\", id: catalog.id})\n}\n\n// Define request payload\nvar requestBody = {\n  priority: \"low\", \n  accessModifier: \"add\", \n  justification: \"Request submitted on user creation.\", \n  users: [ userId ], \n  catalogs: catalogBody\n};\n\n// Create requests\ntry {\n  openidm.action(\"iga/governance/requests\", \"POST\", requestBody, {_action: \"create\"})\n}\ncatch (e) {\n  failureReason = \"Unable to generate requests for roles\";\n}\n\n// Update event request as final \nvar decision = failureReason ? \n  {'status': 'complete', 'outcome': 'cancelled', 'decision': 'rejected', 'comment': failureReason, 'failure': true} :\n  {'status': 'complete', 'outcome': 'fulfilled', 'decision': 'approved'};\nvar queryParams = { '_action': 'update'};\nopenidm.action('iga/governance/requests/' + requestId, 'POST', decision, queryParams);\nlogger.info(\"Request \" + requestId + \" completed.\");"
      }
    }
  ],
  "staticNodes": {
    "startNode": {
      "id": "startNode",
      "x": 50,
      "y": 250,
      "connections": {
        "start": "scriptTask-756b3b023622"
      }
    },
    "endNode": {
      "id": "endNode",
      "x": 1098,
      "y": 246,
      "connections": null
    },
    "uiConfig": {
      "scriptTask-756b3b023622": {
        "x": 421,
        "y": 242.875
      }
    }
  },
  "status": "published"
}