The Workflow Studio object model or API provides you with all the tools necessary for programmatic access to organizational data, allowing you to view and manipulate each object protected by the EmpowerID Identity Warehouse. In this way, you can create your own custom applications, workflows, activities, and services to allow clients to view and manipulate that data.
Workflow Studio provides an Object Browser to allow you to view the namespaces and members of those namespaces that make up the EmpowerID object model. You can access the Object Browser in Workflow Studio by clicking the Object Browser button on the Common tab of the Workflow Studio ribbon.
Working with Person Objects
In EmpowerID, a person is an object in the EmpowerID SQL-based Identity Warehouse that links together the user accounts, permissions assignments, audit history, and management policies associated with an identity. The EmpowerID Person is the base identity in the EmpowerID RBAC model and is necessary for accessing resources and performing tasks in EmpowerID. The Workflow Studio object model contains two namespaces with multiple classes for working with people in EmpowerID — the People.Components namespace and the People.Entities namespace. Each of these namespaces have classes corresponding to each of the object tables in the EmpowerID Identity Warehouse. You can use the members of these classes to directly interact with the data in the Identity Warehouse. The following examples demonstrate some of the more common use cases.
Required Namespaces
When working with Person objects, minimally you should add references to the following namespaces
using TheDotNetFactory.Framework; using TheDotNetFactory.FrameWork.Common; using TheDotNetFactory.FrameWork.Common.Shared; using TheDotNetFactory.Framework.Core; using C = TheDotNetFactory.Framework.People.Components; using E = TheDotNetFactory.Framework.People.Entities;
Get by Job Title
string columnsToSearch = "Title"; string textToSearch = "Helpdesk"; var pageLength = 500; int totalCount; E.VList<C.PersonView> p = C.PersonView.GetAllSearch(columnToSearch, textToSearch, 1, pageLength, out totalCount); //Write the results to the console foreach(var a in p) Console.WriteLine("Name: {0}, Login: {1}, PersonID: {2}", a.Name, a.Login, a.PersonID);
Create a new Person object
C.Person p = new C.Person(); p.LastName = "Simone"; p.FirstName = "John"; p.Name = "John Simone"; p.Active = true; p.AllowLogin = true; p.Login = "jSimone"; //Add the person object to the Identity Warehouse p.Insert();
Get People without Accounts
string columnsToSearch = ""; string textToSearch = ""; E.VList<C.PersonView> pView = C.PersonView.GetPeopleWithNoAccounts(columnsToSearch, textToSearch); //Write the results to the console if (pView.Count > 0) { foreach (var a in pView) Console.WriteLine("Name: {0}", a.FriendlyName); }
Execute Account RETs
string columnsToSearch = ""; string textToSearch = ""; E.VList<C.PersonView> pView = C.PersonView.GetPeopleWithNoAccounts(columnsToSearch, textToSearch); //Create a new Person Components list E.TList<C.Person> pList = new E.TList<C.Person>(); //Create a new dictionary with an empty key to pass to the method that will provision any entitlements for the people without accounts Dictionary<string, object> myDictionary = new Dictionary<string, object>(); string str = ""; object obj = null; myDictionary.Add(str, obj); //Convert all people in the pView list to Person.Component objects and add them to the Person Components list //This allows us to call the methods associated with Person objects. if (pView.Count > 0) { foreach (var p in pView) if(p.FriendlyName != "empoweriduser") { pList.Add(p.ToPerson()); } //Provision any entitlements for the people. In this case we are setting the Primary OrgRoleOrgZone for each person //without an account to an OrgRoleOrgZone with a RET that grants people in that OrgRoleOrgZone a user account foreach(var x in pList) { x.PrimaryOrgRoleOrgZoneID = 2351; x.Update(); C.ResourceEntitlement.ProvisionPersonEntitlements(x, myDictionary); x.Update(); } }
Change the primary Business Role and Location
//Pass in the PersonID C.Person p = C.Person.GetByPersonID(3174); //Pass in the new primary Business Role and Location by OrgRoleOrgZoneID p.ChangePrimaryOrgRoleOrgZone(2307);
Disable a Person
//This does not disable user accounts associated with the person C.Person p = C.Person.GetByPersonID(3174); p.Disable();
Reset a Person's Password
C.Person p = C.Person.GetByLogin("jSimone"); p.ResetPassword("myNewPass@word123");
Unlock a Person
//Pass in the Person ID C.Person p = C.Person.Unlock(3174);
Get Access Assignments
string columnsToSearch = " "; string textToSearch = " "; E.Vlist<C.RbacResourceRoleAssignment> r = C.RbacResourceRoleAssignment.GetAllAssignedDirectlyToPersonID(3150, columnsToSearch, textToSearch);
Get People in Management Role
var personInManagementRole = C.Person.GetByManagementRoleID(19); //Write the results to the console Console.WriteLine("The following people are assigned to the {0} Management Role: ", C.ManagementRole.GetByManagementRoleID(18).Name); foreach (var p in personInManagementRole) Console.WriteLine(p.FriendlyName)
Get a Person's Management Role
var p = C.ManagementRole.GetByPersonID(3150); //Write the results to the console if (p.Count > 0) { Console.WriteLine("{0} has the following Management Roles: ", C.Person.GetByPersonID(3150).FriendlyName); foreach (var a in p) Console.WriteLine(a.FriendlyName); }