Articles in this section

Rule Engine Functions

Avatar
Peter Sidebotham
  • Created
  • Updated
Follow

For general rule help see Rule Engine Introduction

In many ways the most powerful aspect of the rule engine is its function call semantics and the wide array of built-in functions.

Enumerating and describing all functions is outside the scope of this documentation, as that information is available within the Rule Helper. Currently there are over 130 rule functions in Identity Panel.

Rule functions are definite in classes implementing SoftwareIDM.PanelModel.Rules.IRuleFunctions.

Calling Semantics

Rule engines generally follow C# or VBScript like calling semantics.

Function parameters may be passed as a comma separated list or as named parameters.
Mid("Hello World", 5, 1)
Mid(str="Hello World", start=5, count=1)

If using named instead of positional parameters, order does not matter.

For some functions the last parameter is an array (indicated by []) or dictionary (indicated by {}).
> To populate an array parameter, simply provide a list of comma separated positional values.

Join(separator, values[]) can be invoked with
Join(", ", "first", "second", "third")

To populate a dictionary used named parameters.
MyCustomFunc(values{}) can be invoked with
MyCustomFunc(key1="val1", key2="val2")

Prior to version 3.3.11 rule function and argument names are case-sensitive. In more recent versions these are case-insensitive.

Function Categories

Rules are grouped in the following categories. Each category corresponds to a single implementing class. Use the rule helper to see functions within each category. Functions also appear in the rule editor auto-complete list.

  • Date Functions – Helpers for creating, parsing, formatting, and manipulating DateTimes and TimeSpans
  • Active Directory Functions – Helpers for creating, parsing and formatting AD constants like userAccountControl, objectSid, groupType, and DN
  • MIM Test Provider Functions – Functions specific to various MIM Test providers, e.g. Load Provider, and Sql Provider. These functions are listed in the Rule Helper, but except for Memo() which is available in the reporting engine, they may only execute in Panel Service or Panel Tool.
  • Boolean Functions – Control flow alternatives to boolean operations. Especially useful for complex expressions
  • String Functions – A multiplicity of functions for manipulating parsing, and creating strings. Many of these are the same as the functions found in the MIM Portal
  • Sync Step Condition Functions – Functions for querying pending counts from the MIM or AADSync WMI interface. These may only execute on Panel Service or Panel Tools
  • Numeric Functions – Functions for formatting and parsing numbers, as well as for performing basic arithmetic. In many cases two functions exist, one that coerces values to Long (Int64), and another that coerces to Double.
  • Type Coercion Functions – See Rule Type Coercion
  • Web Application Functions – Functions that are only available in the web application that are used in workflows and reporting for constructing links and looking up request values.
  • Value Lookup – A single helper to do a reverse lookup of a special value. This can be used to convert e.g. a Guid or number, into a user friendly name.
  • List Functions – A range of functions for doing operations on lists and dictionaries. May be used for filtering, creating ranges, re-mapping data, etc.
  • Aggregation Functions – Functions for performing aggregate operations like Count, Mean, Max. These functions are only available in the web application and are primarily for use in Workflows 

Screen_Shot_2017-08-07_at_2.19.55_PM.png

 

Custom Functions

To create a custom function you must create a dll and add a reference to SoftwareIDM.PanelModel.

Add a class to the Dll implementing SoftwareIDM.PanelModel.Models.IKnownTypes. This is used to generate a white-list of serializable types. You can use one of the following implementations:

public class ModelTypes : IKnownTypes
{
    public IEnumerable Types()
    {
        foreach (var type in Assembly.GetExecutingAssembly().ExportedTypes)
        {
            if (type.GetCustomAttribute() != null)
            {
                yield return type;
            }
        }
    }
}

public class ModelTypes : IKnownTypes
{
    public IEnumerable Types()
    {
        return new Type[]{};
    }
}

This dll must be registered in config.json, by adding it to the "Types" section. Depending on where the rules should be available it may be added to just Panel Tools or both Panel Tools\config.json and IdentityPanelWeb\config.json

"Custom": "SoftwareIDM.CustomSteps.ModelTypes, SoftwareIDM.CustomSteps",

In order to be loaded, the name of the dll MUST follow the pattern "SoftwareIDM.<name>".

The IRuleFunctions interface has a single public property:

public object CallingContext { get; set; }

To be included as a rule function, methods must be public and non static. They must return SoftwareIDM.PanelModel.Rules.AttributeValue, and should have the [SoftwareIDM.PanelModel.Attributes.MemberDoc] attribute to document usage in the Rule Helper.

Clone the MIMTest source code repository which to view sample code.

A rule function must return a single AttributeValue, and may take zero or more arguments. Each argument must be an AttributeValue, except the last, which may also be params AttributeValue[] or Dictionary<string, AttributeValue>

Related articles

Comments

0 comments

Please sign in to leave a comment.