Delete Multiple Entitlements using the JDBC Provisioning Rule

sai_krishna_L · August 9, 2024, 6:01am

Hi All,

I am working on the JDBC Provisioning Rule,
In the remove operation I’m trying to iterate the multiple Entitlements and executing the delete statement. But in the target system I am able to see only one Entitlement is deleted, instead of multiple Entitlements deletion.
Here is the code snippet of the remove operation:

                                        String COMMA = ",";
					String entName = "";
				        String[] entArr = ent.split(COMMA);	

                   if("Remove".equals(getAttrReqOpName(account,"ENT_SET_NAME"))) { 
			         log.error("inside remove ***************************************** ");
					 
					 	  
						 
						 for (int i= 0; i<entArr.length;i++){
						 	 entName = entArr[i];
							 
					          log.error("inside delete ent------------:"+entName);
						  log.error("inside delete *****************************************
");
						  statement = connection.prepareStatement( "delete from
XTPFILDBO.T_TKEO_ENTSET_OPER_XREF  where oper_id=? AND ent_set_name = ?");
						  
						  String oper_id = account.getNativeIdentity();
						  statement.setString ( 1, oper_id );
						  statement.setString ( 2, entName);
						   log.error("inside delete oper_id-------------:" + oper_id);
						   log.error("inside delete entName------------:"+entName);
						  log.error("before excuteupdate--------------:");
		    			          statement.executeUpdate();
						  log.error("Afterexcute--------------:");
						  log.error("inside delete oper_id-------------:" + oper_id);
						   log.error("inside delete entName------------:"+entName);
						  log.error("statement--------------:" + statement.toString());
                          
						
					}
					result.setStatus( ProvisioningResult.STATUS_COMMITTED );

					}

Below is the logs in which I’m able to see the different Entitlements in each iteration.

Please let me know where I am doing wrong.

Kind Regards,
Sai Krishna L

PrashantMishra · August 9, 2024, 6:58am

Hi @sai_krishna_L ,

Can you include result.setStatus( ProvisioningResult.STATUS_COMMITTED );
inside the loop and give it a try.

It’s always good practice to use the provided input arguments in any connector rules.
Provided link here - JDBC Provision Rule | SailPoint Developer Community would help in your case.

Thanks,
Prashant

sai_krishna_L · August 9, 2024, 7:30am

Hi @PrashantMishra,

Thanks for your response.

Even I have tried to include the below line inside the loop.
result.setStatus( ProvisioningResult.STATUS_COMMITTED );

But only one entitlement got removed from the target system.
I am performing the remove of multiple entitlements using the certification campaign choosing multiple Access profiles in it for a single user.

can you please help me??

Kind Regards,
Sai Krishna L

gogubapu · August 9, 2024, 8:50am

Hi @sai_krishna_L,

You may try below code this code snipt:

AttributeRequest attrReq = account.getAttributeRequest(\"Groups\"); 
List entArr=new ArrayList();
if(attrReq.getValue() instanceof String){
	entArr.add(attrReq.getValue());
}
else{
	entArr.addAll(attrReq.getValue());
}
String entitlements = String.join(", ", entArr);
statement = connection.prepareStatement( "DELETE FROM XTPFILDBO.T_TKEO_ENTSET_OPER_XREF WHERE oper_id=? AND ent_set_name IN ("+entitlements+")"); // output of entitlements (ent1, ent2,ent3...etc)
String oper_id = account.getNativeIdentity();
statement.setString ( 1, oper_id );
	
log.error("inside delete oper_id-------------:" + oper_id);
log.error("inside delete entName------------:"+entitlements);
log.error("before excuteupdate--------------:");
statement.executeUpdate();
log.error("statement--------------:" + statement.toString());
result.setStatus( ProvisioningResult.STATUS_COMMITTED );

Thank You.

PrashantMishra · August 9, 2024, 9:16am

Hi @sai_krishna_L ,

As part of certification campaigns for access removal of items. In your case as you’re trying to remove a list of entitlements from the Access profile but in DELETE statement it was just defined for an single entity. So only single entity got removed from the target.

I agree with @gogubapu it should work in either of any cases.

Thanks,
Prashant

system · October 8, 2024, 9:17am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
JDBC Provisioning Rule Enquiry ISC Discussion and Questions rules , identity-security-cloud , provisioning	6	97	October 21, 2024
Modifying a Single valued entitlement ISC Discussion and Questions identity-security-cloud , provisioning , jdbc-connector	9	395	April 30, 2024
Remove entitlements before deleting account IIQ Discussion and Questions rules , identityiq , provisioning , entitlements , jdbc-connector	2	56	December 9, 2024
How to assign multiple entitlements/insert multiple records for a single user in DB for a JDBC connector identitynow? ISC Discussion and Questions rules , identity-security-cloud , provisioning	27	234	January 17, 2025
How to fetch the entitlement attributes in JDBC Provisioning Rule ISC Discussion and Questions identity-security-cloud , provisioning	22	195	December 21, 2024

Delete Multiple Entitlements using the JDBC Provisioning Rule

Related topics