SAP Identity Management HTML Reporting: How to create HTML Reports.
HTML Reporting
- What are the attributes of a given user?
- What are the business roles assigned to a given user?
- What systems does a given user has access to?
- Which business roles are available in the system?
- How many users/business roles, etc. are available in
the system?
MX_REPORT
- MSKEYVALUE
- DISPLAYNAME– display name of the report.
- MX_OWNER
- MX_REPORT_ENTRY
- MX_REPORT_DATE– date on which the report was requested.
- MX_REPORT_FORMAT– format of the report (this could be PDF,HTML,DOC, etc.)
- MX_REPORT_RESULT– this attribute holds the full report result. It is saved as a binary in the database.
- MX_REPORT_RESULT_REF– this attribute holds a reference to the report result, in case it is stored in a separate file server.
- Entry – This corresponds to the value of the MX_REPORT_ENTRY attribute.
- Status – Status of the report task (pending, OK or Error). This status is calculated based on the status of the task execution, taken from the MCMV_AUDIT view.
- Report Date – This corresponds to the value of the MX_REPORT_DATE attribute.
- Report Name – The name of the report. If DISPLAYNAME has a value, this value is stored, otherwise the value of MSKEYVALUE is stored here.
- Report Result – This corresponds either to the MX_REPORT_RESULT or to the MX_REPORT_RESULT_REF attribute.
HTML Reporting Task
here is, that after we create the report in the UI, we would receive the value of the MX_REPORT_ENTRY attribute, which is actually the mskey of the user, we are running the Create Report task on, and use this value as MSKEY in our queries, which will return the assigned privileges and roles. We will need MSKEYVALUE, to point to the created report, MX_REPORT_FORMAT, which will be with value – “HTML”, because if it’s in another format, when
opened in the UI, it will not be opened in the browser as needed; and MX_REPORT_RESULT, which will get its value from a custom script. In the script, we will use the magic of HTML5 + SQL Queries in order to create the report itself. Let’s create the script.
HTML Reporting Script
-
- We create a Header and Footer, which will be just static CSS and HTML code in the beginning and in the end of the HTML file. We do this to delimitate the static parts of the HTML code, so that they won’t interfere with our main logic. The header contains the opening HTML tags and the CSS used, and the footer just contains the closing HTML tags. For the sake of simplicity in this article, I won’t add the real CSS code I used in this example. If you want
to use the same CSS, you can find a reference to the file at the end of the article. Nevertheless, your header should look like this: -
<…………CSS here……………..>And your footer should be like this:
- We create a Header and Footer, which will be just static CSS and HTML code in the beginning and in the end of the HTML file. We do this to delimitate the static parts of the HTML code, so that they won’t interfere with our main logic. The header contains the opening HTML tags and the CSS used, and the footer just contains the closing HTML tags. For the sake of simplicity in this article, I won’t add the real CSS code I used in this example. If you want
2. Now, let’s create the script itself. For now, we have the HTML opening tags and the CSS, and the HTML closing tags, along with the table closing tag. Now, let’s populate the table itself. We will create 2 rows and 3 columns. The 1st row will contain the table headings: User Name, Assigned Privileges and Assigned Roles. The second row will contain the username, privileges and roles, all extracted from the Identity Center.
select mcothermskeyvalue from idmv_link_ext2 where mcAttrName='MXREF_MX_PRIVILEGE' and
mcthismskey='"+Par+"'
select mcothermskeyvalue from idmv_link_ext2 where mcAttrName='MXREF_MX_ROLE' and mcthismskey="+Par+"
select mcmskeyvalue from idmv_entry_simple where mcmskey="+Par+"
// Main function: HTMLReport function HTMLReport(Par){ var oHeader = uFromFile("C:\Reporting\Template\header.html","-1","false"); var oFooter =uFromFile("C:\Reporting\Template\footer.html","-1","false"); var AssignedPrivileges=uSelect("select mcothermskeyvalue from idmv_link_ext2 where mcAttrName='MXREF_MX_PRIVILEGE' and mcthismskey='"+Par+"'"); var oList=""; var oArray=AssignedPrivileges.split("!!"); for(var i=0; i<oArray.length; i++){ oList=oList+oArray[i]+'
'; } var AssignedRoles = uSelect("select mcothermskeyvalue from idmv_link_ext2 where mcAttrName='MXREF_MX_ROLE' and mcthismskey='"+Par+"' "); var oList2=""; var oArray2 = AssignedRoles.split("!!"); for(var i=0; i<oArray2.length; i++){ oList2 = oList2 + oArray2[i] + '
'; } var userName = uSelect("select mcmskeyvalue from idmv_entry_simple where mcmskey="+Par+" "); var oHTML='
UserName: | Assigned Privileges | Assigned Roles |
‘+userName+’ | ‘+oList+’ | ‘+oList2+’ |
3. As a final step, we add the value of MX_REPORT_RESULT to be calculated via the HTMLReport script, with MX_REPORT_ENTRY as input parameter. The Pass definition should look like this:
4. Save the task and log on to the User Interface with the “Administrator” user.
Starting the task via the User Interface
Let’s execute the task on an entry. We go to manage tab and search for a person. We select the person, go to “Choose task” and select the “Create Report” task.
The “Create Report” task is opened and we fill the attributes needed, then click “Save”.
This will save a new entry of type MX_REPORT, with MSKEYVALUE and Display Name – Superman Report, MX_REPORT_DATE – 25.04.2014, and values for DESCRIPTION and MX_REPORT_ERROR. Saving this will execute the action task and the To Identity Store pass, which will set HTML as value to the MX_REPORT_FORMAT attribute, and will calculate the value of MX_REPORT_RESULT, using the Script we created. To see our result, we will go to the View Reports tab:
We can see our newly generated report. We can see that it is for the Entry Clark Kent, the report task is successfully executed (Status – “OK”), the report name and the report result. If we click on the Result, we will see our report in the browser:
Pretty, isn’t it? It contains the UserName of the user and all the assigned privileges and business roles.
You can find the header and footer files, which I used with the abovementioned script to create this example report, attached to the article. If you like them, they are available for free usage ????
Yours truly,
Emanuil
New NetWeaver Information at SAP.com
Very Helpfull