• State Not Answered
  • Replies 3 replies
  • Subscribers 96 subscribers
  • Views 230 views
  • Users 0 members are here
Options
Related

ShoppingCartOrder Check Customization

René Zimmerli
1 month ago

We have identified that products can only be checked in the shopping cart if they are standard products with AccProduct.

If we want to check multi-request resources (QERReuse), such as for duplicate checks or compliance checks, we cannot use the standard libraries of One Identity because the logic is embedded deeply within the Customizer DLL.

Currently, we have a script library that we can call as a customization in the shop, but we are unable to make any changes to it.

Our goal is to provide an alternative item to be checked instead of objectkeyorderd, as objectkeyorderd and AccProduct are always the same.

The code we have so far looks like this:

#If Not SCRIPTDEBUGGER Then
References NLog.Dll
#End If

''' <summary>
''' _CCC_ShoppingCartOrder_Check
''' </summary>
''' <param name="UID_ShoppingCartOrder"></param>
''' <param name="configJson"></param>
''' <returns></returns>
Public Function _CCC_ShoppingCartOrder_Check(ByVal UID_ShoppingCartOrder As String, ByVal configJson As String) As String

	' Variablen
	Dim counterror As Integer = 0
	Dim countwarning As Integer = 0
	Dim culLang As System.Globalization.CultureInfo = New System.Globalization.CultureInfo("de-DE")
	VI.Base.LanguageManager.SetSystemCulture(culLang)
	Dim log As NLog.LogSession = New NLog.LogSession(NameOf(_CCC_ShoppingCartOrder_Check),"")
	
	' Erste Variante mit Submit
	Dim check = New QER.CompositionApi.ITShop.ShoppingCartSubmit(UID_ShoppingCartOrder)
	Dim ConfigJsonParm As String = check.GetConfigJson
	
	check.Check.Config.CheckMode = QER.CompositionApi.ITShop.CheckMode.CheckOnly
	Dim tCartItemCheckResult As QER.CompositionApi.ITShop.CartItemCheckResult
	
	log.Info("Shopping Cart: " & UID_ShoppingCartOrder & " will be checked...")
	
	Dim checkResult = check.CheckAsync(Session).Result
	
	log.Info("Check Config: ")
	log.Info(ConfigJsonParm )
	
	' Für alle Bestellpositionen
	
	Dim items = checkResult.Items()
	For Each tCartItemCheckResult In items
		
		' Bestellpositionen Prüfungen durchführen
		
		log.Info("  > Cart Item " & tCartItemCheckResult.ToString & " check result...")
		Dim itemsChecks = tCartItemCheckResult.checks()

		' Für alle gefundenen Prüfungsresultate
		
		For Each checks In itemsChecks
			
			' Resulatat ausgeben
			
			log.Info("    > ID : " + checks.id + ", Status :" + checks.Status.toString + ", Title :" + checks.title)
			
			Select Case checks.Status.toString
			    Case "Warning"
					countwarning += 1
			    Case "Error"
					counterror += 1
			    Case Else
			End Select
			
		Next
	Next

	Return " In " & CStr(items.count) & " Cart Items, there are " & CStr(countwarning) & " warnings and " & CStr(counterror) & " errors."

End Function

Any help would be appreciated!

  • 0 1 month ago

    Hello,

    Requests for multi-request resources (QERReuse) go through the shopping cart validation just like all other products, even though it is true that, by definition, some checks will always pass for these requests.

    That being said, I don't understand what problem you are trying to solve. Are you looking to add custom validation logic to the shopping cart?

  • 0 1 month ago in reply to Hanno Bunjes

    Hello,

    I have also found in my tests that I get a positive test result in all points for the multi-request resources (QERReuse).
    The problem is, if the ordered subject is not in the objectkeyordered column in QERReuse, how can the the system check for duplicate orders in the shopping cart?
    The system needs to know in which custom-defined column the actually ordered subject is defined.

    Example:

    If I create a multi-orderable product with which certain resources can be ordered, such as (resource1, resource2, etc.), then you can order several resouces and you can also have a column with which you can select this resource, for example, CCC_Resource with a FK.

    However, the system does not know that if I have selected resource A, I can order at the same time (Shopping Cart) also resource B, C, and D, etc., but not A again. I cannot define anywhere that for this multi-orderable product, the CCC_Resource column contains the subject instead of objectkeyordered.

    Additionally, I cannot create compliance rules where I define that managers are allowed to order Resource C, where in the other hand regular employees can only do so with an additional exception approver.
    You can also see that when creating a compliance rule for entitlements, you see the QERResource but not the other multi-orderable tables. Even with SQL, you don’t have the flexibility needed there in the Compliance Rules.

    All these checks are reported as successful, but I think they are not checked, but rather ignored.

    I have already opened a service request 02433533, but I suspect they did not understand what I want exactly. I do not expect it to be possible in the standard, but only that as a customer, I can perform duplicate checks and compliance checks on QERReuse with additional check scripts and API without having to reprogram the entire logic. From my point of view, part of the check code, which is in the customizer DDL, should be accessible to the customer.
    For the QERReuseUS it is even more important, that somebody cannot order something that he already has ordered.

  • 0 1 month ago in reply to René Zimmerli

    Hello,

    Thanks for elaborating, but I'm afraid I now have more questions ;-)

    > If I create a multi-orderable product with which certain resources can be ordered

    What is the relation between the QERReuse and these other resources?

    > You can also see that when creating a compliance rule for entitlements, you see the QERResource but not the other multi-orderable tables.

    That is because objects of type QERReuse, QERAssign and QERReuseUS are never actually assigned to the recipient! This is why you can't use them to build compliance rules.

    Furthermore, QERReuse/QERReuseUS are multi-requestable resource types that you can request as many times as desired. That means that you cannot have duplicate requests so the checking logic for duplicate requests skips these types.

    That being said, it is possible to add custom check logic in the shopping cart. However, it sounds like you will not be able to re-use any of the default compliance logic.