JDBC Provisioning rule error for revoke during certification revoke

Hi @shekhardas1825, thanks for the update, but how does the query have to be updated when more than one entitlement/role is revoked during a user access revoke? What would the revoke query look like, as per my earlier rule code? Any idea on this?

Thanks
Kalyan

@kalyannambi2010 you need to iterate through the list and execute the revoke if there is more than one entitlement to remove.

Hi @kalyannambi2010

Use something like below: (not tested just sample code)

```java
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import sailpoint.object.ProvisioningPlan;
import sailpoint.object.ProvisioningPlan.AccountRequest;
import sailpoint.object.ProvisioningPlan.AttributeRequest;
import sailpoint.object.ProvisioningResult;

// plan and connection are rule inputs; result is the ProvisioningResult from the earlier rule code
List accounts = plan.getAccountRequests();
if ( ( accounts != null ) && ( accounts.size() > 0 ) ) {
  for ( AccountRequest account : accounts ) {
    // Declared outside the try block so the finally block can close it
    PreparedStatement statement = null;
    try {
      if ( AccountRequest.Operation.Modify.equals( account.getOperation() ) ) {
        String nativeIdentity = (String) account.getNativeIdentity();
        //String PRIVValue = (String) getAttributeRequestValue(account,"PRIV");
        AttributeRequest attrReq = account.getAttributeRequest("PRIV");

        if ( account != null ) {
          if ( attrReq != null && ProvisioningPlan.Operation.Remove.equals(attrReq.getOperation()) ) {
            //statement.setNull ( 1, Types.NULL );
            // statement.executeUpdate();

            // The request value is a String for one entitlement and a List for several
            List entitlementsToBeRemoved = new ArrayList();
            if (attrReq.getValue() instanceof String) {
              String attrValue = (String) attrReq.getValue();
              entitlementsToBeRemoved.add(attrValue);
            }
            else if (attrReq.getValue() instanceof List) {
              List attrValueList = (List) attrReq.getValue();
              entitlementsToBeRemoved.addAll(attrValueList);
            }

            // One revoke per entitlement. REVOKE takes identifiers, which cannot be
            // bound as ? parameters, so the statement text is built for each value.
            for (String attval : entitlementsToBeRemoved) {
              String queryStatement = "revoke " + attval + " from " + nativeIdentity;
              statement = connection.prepareStatement(queryStatement);
              statement.executeUpdate();
              statement.close();
            }
          }
        }
        result.setStatus( ProvisioningResult.STATUS_COMMITTED );
      } else {
        // Unknown operation!
      }
    }
    catch( SQLException e ) {
      result.setStatus( ProvisioningResult.STATUS_FAILED );
      result.addError( e );
    }
    finally {
      if (statement != null) {
        statement.close();
      }
    }
  }
}
```

Thanks
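
In the sample above, `attval` and `nativeIdentity` are concatenated into the statement text, because a REVOKE takes identifiers and those cannot be bound as `?` parameters. The following is an added example, not code from this thread or from SailPoint: standalone Java that checks every value is a plain identifier before any statement is built. The class name, method names and the identifier pattern are assumptions to adapt to the target database.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Pattern;

public class RevokeStatements {
    // Assumption: role and account names are plain unquoted identifiers.
    // A lookup against the application's known entitlement names is stricter still.
    private static final Pattern IDENTIFIER = Pattern.compile("[A-Za-z][A-Za-z0-9_]{0,29}");

    static String requireIdentifier(String kind, Object value) {
        if (!(value instanceof String) || !IDENTIFIER.matcher((String) value).matches()) {
            throw new IllegalArgumentException(kind + " is not a plain identifier: " + value);
        }
        return (String) value;
    }

    // attrValue is what AttributeRequest.getValue() returns: one String or a List of them.
    static List<String> buildRevokes(Object attrValue, String nativeIdentity) {
        String grantee = requireIdentifier("account", nativeIdentity);
        List<Object> values = new ArrayList<>();
        if (attrValue instanceof List) {
            values.addAll((List<?>) attrValue);
        } else if (attrValue != null) {
            values.add(attrValue);
        }
        // Validate every value before returning anything, so one bad entry rejects
        // the whole request instead of leaving it half applied.
        List<String> statements = new ArrayList<>();
        for (Object v : values) {
            statements.add("revoke " + requireIdentifier("entitlement", v) + " from " + grantee);
        }
        return statements;
    }

    public static void main(String[] args) {
        // Constructed sample values, not taken from the thread.
        System.out.println(buildRevokes(List.of("APP_READ", "APP_WRITE"), "JSMITH"));
        try {
            buildRevokes(List.of("APP_READ", "APP_WRITE; extra"), "JSMITH");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```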

Hi @Sriindugula, thank you for sharing. In the code, where are we getting the “attributeValue” value from, as in if (attributeValue instanceof String) etc.?

Thanks
Kalyan

Hi @kalyannambi2010

Updated the above code. Please check now.

FYI: it is sample code and not tested

Thanks

Hi @kalyannambi2010 ,

Do you wanna try the below code? It is working for me.

```java
else if ( AccountRequest.Operation.Modify.equals( account.getOperation() ) ) {
  log.info("Entering into Modify Operation");
  // Modify account request – change role
  if ( account != null ) {
    AttributeRequest attrReq = account.getAttributeRequest("groupname");
    if ( attrReq != null && ProvisioningPlan.Operation.Remove.equals(attrReq.getOperation()) ) {
      log.info("Entering into Modify Operation Entitlement removal");
      // Both values are bound as parameters; the same statement is reused for every group
      statement = connection.prepareStatement( "delete from group where GroupKey = ? and ChildKey=?" );
      Object value = attrReq.getValue();
      // Single entitlement
      if (value instanceof String) {
        String uniqueid = getUniqueID((String) value, connection);
        statement.setString( 1, uniqueid );
        statement.setString( 2, (String) account.getNativeIdentity() );
        log.info("Group and Uniqueid is" + attrReq.getValue() + "" + uniqueid);
        statement.executeUpdate();
      }
      // Several entitlements: run the delete once per list entry
      if (value instanceof List) {
        List attList = (List) attrReq.getValue();
        for (int i = 0; i < attList.size(); i++) {
          String uniqueid = getUniqueID((String) attList.get(i), connection);
          statement.setString( 1, uniqueid );
          statement.setString( 2, (String) account.getNativeIdentity() );
          log.info("Group and Uniqueid is" + attrReq.getValue() + "" + uniqueid);
          statement.executeUpdate();
        }
      }
    } else {
      // Add branch as posted: no statement is prepared here in this snippet
      log.info("Entering into Modify Operation Entitlement Add");
      statement.setString(1,attrReq.getValue());
      statement.executeUpdate();
    }
  }
  result.setStatus( ProvisioningResult.STATUS_COMMITTED );
}
```
