JDBC Connector Modify Operation in Provision Rule

pulatoi · November 20, 2024, 8:40pm

Hello everybody.
I hope y’all are doing great!
I am working on the JDBC Provisioning Rule, the final part is add/remove entitlements. I have a lot of entitlement types, all are entitlements in provisioning plan (update operation):

My question is, how to create the statement if you dont know the exact number of entitlements and its names. Clarification: on the screenshot above, I requested an access profile, and provisioning plan has listed missing entitlement only.
Should I create a “for-loop” and just loop through the accountrequest to build the statement? Or is there a trick haha?
I was thinking about UPDATE set ?=?, ?=?, ?=? where login=?
SOS, please

mcheek · November 20, 2024, 9:45pm

You iterate through the attribute requests. Here is an example

else if ( AccountRequest.Operation.Modify.equals( account.getOperation() ) ) {
          
          List attributeRequests = account.getAttributeRequests();
          
          if (attributeRequests != null) {
            for (AttributeRequest attributeRequest : attributeRequests) {
              String attributeName = attributeRequest.getName();
              Object attributeValue = attributeRequest.getValue();
              String operation;

              if(ProvisioningPlan.Operation.Remove.equals(attributeRequest.getOperation())){
                operation = "REMOVE";
              }
              if(ProvisioningPlan.Operation.Add.equals(attributeRequest.getOperation())){
                operation = "ADD";
              }
              
              PreparedStatement statement = connection.prepareStatement( "EXEC [dbo].[usp_SetUserSecurity] @USERNAME = ?, @TYPE = ?, @ACTION = ?, @VALUE = ?" );
              statement.setString ( 1, "CHKENERGY\\" + nativeId );
              statement.setString ( 2, attributeName );
              statement.setString ( 3, operation );
              statement.setInt ( 4, Integer.parseInt((String) attributeValue)  );

              statement.executeUpdate();        
            }
          }
          result.setStatus( ProvisioningResult.STATUS_COMMITTED );

        }

pulatoi · November 20, 2024, 9:50pm

Can you share the stored procedure too, just wanna see the structure for the query. are you using UPDATE only or Revoke too?
Thanks

mcheek · November 20, 2024, 10:01pm

I’m not understanding how my stored proc that’s specific to my application would help in this circumstance. If the operation is Add it calls one update statement and if it’s remove it calls a different one.

I would have done all that in the rule except that for some reason if you use bitwise operators in your query it wasn’t working in Java, so I decided to create a stored procedure.

I just wanted to provide a complete example. You need to put your own logic and queries inside the for loop

iamnithesh · November 25, 2024, 10:08pm

Does each entitlement will have a single value? If not, do you need to insert a new row for each value?

Based on how your use case is, you can use a StringBuilder or a List in java to construct the Update query

pulatoi · November 30, 2024, 10:14pm

yes, each enititlement has a single value. It is not adding rows, rather updating the row. for example, if security group is requested, that entry is just updated to that value. But, just like explained above, we don’t know how many entitlement types are changing. In my update statement, I dont know beforehand which columns are going to be updated. So, I guess, I will try Mark’s solution and try working on that, and keep you updated.
Thaknks