certification.bpmn20.xml revision 416aee3ab18445ae17092345e5925b07b6c3f16e
<?xml version="1.0" encoding="UTF-8"?>
<definitions id="definitions"
xmlns:activiti="http://activiti.org/bpmn"
xsi:schemaLocation="
<process id="certification" name="Certification process">
<startEvent id="start" activiti:initiator="startUserId" />
<sequenceFlow sourceRef="start" targetRef="readUserData"/>
<scriptTask id="readUserData" name="Prepare Task" scriptFormat="groovy" activiti:autoStoreVariables="true">
<script><![CDATA[
user = openidm.read("managed/user/" + userId)
userName = user.userName
givenName = user.givenName
sn = user.sn
mail = user.mail
department = user.department
params = [ _queryId: 'getManager', userId: userId];
candidateManagers = openidm.query('endpoint/getusermanager', params).result
hasBusiness = (user.accounts != null && user.accounts.contains("Business"))
hasProject = (user.accounts != null && user.accounts.contains("Project"))
]]>
</script>
</scriptTask>
<sequenceFlow sourceRef="readUserData" targetRef="managerApproval"/>
<userTask id="managerApproval" name="Access Status Check" activiti:candidateUsers="${candidateManagers}">
<extensionElements>
<activiti:taskListener event="assignment" expression="${execution.setVariable('assignedManager', task.assignee)}" />
<activiti:formProperty id="userName"
name="Username"
writable="false"
type="string" />
<activiti:formProperty id="givenName"
name="First Name"
writable="false"
type="string" />
<activiti:formProperty id="sn"
name="Last Name"
writable="false"
type="string" />
<activiti:formProperty id="mail"
name="Email"
writable="false"
type="string" />
<activiti:formProperty id="business"
name="Access to Business system: "
expression="#{hasBusiness}"
type="boolean"/>
<activiti:formProperty id="project"
name="Access to Project system: "
expression="#{hasProject}"
type="boolean"/>
<activiti:formProperty id="managerDecision" name="Decision" type="enum" required="true">
<activiti:value id="change" name="Change"></activiti:value>
<activiti:value id="nochange" name="Certify"></activiti:value>
</activiti:formProperty>
</extensionElements>
</userTask>
<sequenceFlow sourceRef="managerApproval" targetRef="managerDecisionMadeGateway"/>
<exclusiveGateway id="managerDecisionMadeGateway" name="Manager Decision Made"></exclusiveGateway>
<sequenceFlow sourceRef="managerDecisionMadeGateway" targetRef="administratorApproval">
<conditionExpression xsi:type="tFormalExpression"><![CDATA[ ${managerDecision=='change'} ]]>
</conditionExpression>
</sequenceFlow>
<userTask id="administratorApproval" name="Access Status Check" activiti:assignee="systemadmin">
<extensionElements>
<activiti:formProperty id="userName"
name="Username"
writable="false"
type="string" />
<activiti:formProperty id="givenName"
name="First Name"
writable="false"
type="string" />
<activiti:formProperty id="sn"
name="Last Name"
writable="false"
type="string" />
<activiti:formProperty id="mail"
name="Email"
writable="false"
type="string" />
<activiti:formProperty id="business"
name="Access to Business system: "
type="boolean"/>
<activiti:formProperty id="project"
name="Access to Project system: "
type="boolean"/>
<activiti:formProperty id="adminDecision" name="Decision" type="enum" required="true">
<activiti:value id="accept" name="Accept"></activiti:value>
<activiti:value id="reject" name="Reject"></activiti:value>
</activiti:formProperty>
</extensionElements>
</userTask>
<sequenceFlow sourceRef="administratorApproval" targetRef="adminDecisionMadeGateway"/>
<exclusiveGateway id="adminDecisionMadeGateway" name="Administrator Decision Made"></exclusiveGateway>
<sequenceFlow sourceRef="adminDecisionMadeGateway" targetRef="patchManagedUser">
<conditionExpression xsi:type="tFormalExpression"><![CDATA[ ${adminDecision=='accept'} ]]>
</conditionExpression>
</sequenceFlow>
<scriptTask id="patchManagedUser" scriptFormat="groovy">
<script>
newAccounts = []
if (business) {
newAccounts.push("Business")
}
if (project) {
newAccounts.push("Project")
}
patchParams = [[operation:'replace', field: 'accounts', value : newAccounts]]
</script>
</scriptTask>
<sequenceFlow sourceRef="patchManagedUser" targetRef="sendAcceptNotification"/>
<scriptTask id="sendAcceptNotification" scriptFormat="groovy">
<script>
java.text.SimpleDateFormat formatUTC = new java.text.SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.S'Z'");
requestDate = formatUTC.format(new Date());
def requesterNotification = [
"receiverId": userId,
"requesterId" : "",
"requester" : "",
"createDate" : requestDate,
"notificationType" : "info",
"notificationSubtype" : "",
"message" : "Your system access was reviewed by your manager"
];
</script>
</scriptTask>
<sequenceFlow sourceRef="sendAcceptNotification" targetRef="end"/>
<sequenceFlow sourceRef="managerDecisionMadeGateway" targetRef="end">
<conditionExpression xsi:type="tFormalExpression"><![CDATA[ ${managerDecision=='nochange'} ]]>
</conditionExpression>
</sequenceFlow>
<sequenceFlow sourceRef="adminDecisionMadeGateway" targetRef="sendDenyNotification">
<conditionExpression xsi:type="tFormalExpression"><![CDATA[ ${adminDecision=='reject'} ]]>
</conditionExpression>
</sequenceFlow>
<scriptTask id="sendDenyNotification" scriptFormat="groovy">
<script>
java.text.SimpleDateFormat formatUTC = new java.text.SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.S'Z'");
requestDate = formatUTC.format(new Date());
def requesterNotification = [
"receiverId": assignedManager,
"requesterId" : "",
"requester" : "systemadmin",
"createDate" : requestDate,
"notificationType" : "warning",
"notificationSubtype" : "",
"message" : "Your system access review for " + userId +" was denied by systemadmin"
];
</script>
</scriptTask>
<sequenceFlow sourceRef="sendDenyNotification" targetRef="end"/>
<endEvent id="end"/>
</process>
</definitions>