As per best practices from SailPoint’s coding of rules and workflow, you should lock an object from within your rule/script, while performing an update. Doing so will help to maintain ACID property DB
Here is a code snippet to properly lock and unlock an object by using the transaction locking mechanism.
The example is for a Custom object, but can be used for any sailpoint.object that extends SailPointObject.
For an Identity object and other objects (Certification) that should use the persistent locking mechanism, refer to the lockIdentity, lockCertificationById methods in the ObjectUtil class.
import sailpoint.api.ObjectUtil;
import sailpoint.object.Custom;
//Get the Transaction lock
Custom custom = ObjectUtil.transactionLock(context, Custom.class, custObjName);
try {
//Modify the object
custom.put(key, val);
//Save the modifications in the Try block
context.saveObject(custom);
} catch (Exception e) {
//Log any errors encountered during saving the object
log.error(e);
} finally {
//Commit the transaction
context.commitTransaction();
}
context.decache(custom);
Reference: https://community.sailpoint.com/
This article is contributed by Roopesh. Roopesh is our Senior Consultant and has over 8 years of experience in Identity and Access Management (IAM), particularly with SailPoint and CyberArk.