From 4445c31759a5e66c5707dcb0412ce5c5884f2dac Mon Sep 17 00:00:00 2001
From: Alex Zaw
Date: Wed, 25 Feb 2026 23:06:38 +0000
Subject: [PATCH] Update Function ES_CREATE_USER_PROFILE
---
.../Functions/ES_CREATE_USER_PROFILE.sql | 202 +++++++++++++++++-
1 file changed, 201 insertions(+), 1 deletion(-)
diff --git a/SAILPOINT/Functions/ES_CREATE_USER_PROFILE.sql b/SAILPOINT/Functions/ES_CREATE_USER_PROFILE.sql
index 44fd524..d2f94fb 100644
--- a/SAILPOINT/Functions/ES_CREATE_USER_PROFILE.sql
+++ b/SAILPOINT/Functions/ES_CREATE_USER_PROFILE.sql
@@ -1 +1,201 @@
-@@\@^@ % %@@@@Kmmm@M@ %@M]@k@ %@M]@@@@@k@ %@M]@@@@@k@ %@M]@@@@@k@ %@M]@@@@@k@ %@M]@@@@@k@ %@M]@@@@@k@ %@M]@@@@@k@ %@M]@@@@@k@ %@M]@@@@@k@ %@M]@@@@@k@ %@M]@@@@@k@ %@M]@@@@@]@ %@M]@@@ %@@ %@K@ %@@ %@@@ %@@@@ %@@ %@@@@~@\@k@ %@~@\@k@ %@~@\@k@ %@~@\@k@ %@~@Mk@k@]@k@ %@~@\@k@ %@~@\@k@ %@~@\@@@ %@ %``@ %``@ %``@ %``@ %``@^@ %@@@M@@]@^@ %@mm@@M@@]@^@ %@mm@@M@@]@^@ %@m@@M@@]@^@ %@@@@@ %@ %@m@@M@@]@^@ %@mmm@@^@ %@mmm@@M@@]@^@ %@mm@@M@@]@^@ %``@Á@@@ %@@@@ %mmm@~@mm@k@ %m@~@m@k@ %mm@~@m@k@ %mmm@~@mm@^@ %@ %M@ %@m@M@ %}}@@}}@k@}ɕ}@@m@M@ %}⣁}@@m@k@ %}Ö}@@mmm@k@ %}}@@mmm@k@ %}}@@mm@k@ %}㉔}@@m@ %]@ %]@]@^@ %@^@ %``@Ö@@@@@@@ %@@@@@@ %@@~@M@ %@@M@@M@@]@k@}@}@]@ %@@M@ %@K@m@M@ %m@M@ %@M@ %@@@M@@]@ %@@]@k@}OOOOOkON}@k@ %}@}@]@k@}@}@]@ %]@ %@@Ln@}}@ %@@@@@]@^@ %@@^@ %``@¤@@@ %@@K@m@~@}@M}@OO@@ %OO@}]}@^@ %@@@@@@ %@@K@m@~@@K@m@OO@}@M}@OO@ %@K@m@M@@]@OO@}]}@^@ %@@^@ %@@@@@@ %@@K@
\ No newline at end of file
+SET PATH *LIBL ;
+
+CREATE OR REPLACE FUNCTION SAILPOINT.ES_CREATE_USER_PROFILE (
+ AUTHORIZATIONNAME VARCHAR(10) ,
+ TEXTDESCRIPTION VARCHAR(50) DEFAULT NULL ,
+ USERCLASSNAME VARCHAR(10) DEFAULT NULL ,
+ STATUS VARCHAR(10) DEFAULT NULL ,
+ SETPASSWORDTOEXPIRE VARCHAR(10) DEFAULT NULL ,
+ USEROWNER VARCHAR(10) DEFAULT NULL ,
+ GROUPPROFILENAME VARCHAR(10) DEFAULT NULL ,
+ ACCOUNTINGCODE VARCHAR(20) DEFAULT NULL ,
+ JOBDESCRIPTIONNAME VARCHAR(10) DEFAULT NULL ,
+ OUTPUTQUEUENAME VARCHAR(21) DEFAULT NULL ,
+ MESSAGEQUEUENAME VARCHAR(21) DEFAULT NULL ,
+ LIMITCAPABILITIES VARCHAR(10) DEFAULT NULL ,
+ SPECIALAUTHORITIESJSON VARCHAR(1024) DEFAULT NULL )
+ RETURNS CLOB(2147483647)
+ LANGUAGE SQL
+ SPECIFIC SAILPOINT.ESICRTUSR
+ NOT DETERMINISTIC
+ MODIFIES SQL DATA
+ CALLED ON NULL INPUT
+ NOT FENCED
+ SET OPTION ALWBLK = *ALLREAD ,
+ ALWCPYDTA = *OPTIMIZE ,
+ COMMIT = *NONE ,
+ DBGVIEW = *SOURCE ,
+ DECRESULT = (31, 31, 00) ,
+ DYNDFTCOL = *NO ,
+ DYNUSRPRF = *OWNER ,
+ SRTSEQ = *HEX
+ BEGIN
+--
+--
+--
+--
+--ermentant variable;
+DECLARE SPECIALAUTHS VARCHAR ( 1000 ) ;
+DECLARE V_MESSAGE_ID VARCHAR ( 10 ) ;
+DECLARE V_MESSAGE_TEXT VARCHAR ( 2048 ) ;
+DECLARE V_STATUS VARCHAR ( 20 ) ;
+DECLARE CONTINUE HANDLER FOR SQLEXCEPTION
+BEGIN
+DECLARE V_SQLSTATE CHAR ( 5 ) ;
+DECLARE V_DB2_RETURN_CODE INT ;
+DECLARE V_DB2_MESSAGE_ID CHAR ( 7 ) ;
+DECLARE V_ERROR_MESSAGE CLOB ( 2048 ) ;
+-- Capture diagnostic info
+GET DIAGNOSTICS CONDITION 1
+V_DB2_RETURN_CODE = DB2_RETURNED_SQLCODE ,
+V_SQLSTATE = RETURNED_SQLSTATE ,
+V_ERROR_MESSAGE = MESSAGE_TEXT ,
+V_DB2_MESSAGE_ID = DB2_MESSAGE_ID ;
+RETURN
+(
+VALUES JSON_OBJECT (
+'success' VALUE 'false' , 'SQLInfo' VALUE JSON_OBJECT (
+'SQLState' VALUE V_SQLSTATE ,
+'SQLCode' VALUE V_DB2_RETURN_CODE ,
+'messageID' VALUE V_DB2_MESSAGE_ID ,
+'message' VALUE V_ERROR_MESSAGE ,
+'currentTimestamp' VALUE CURRENT_TIMESTAMP
+)
+) ) ;
+END ;
+-- Convert JSON string into space separated list
+IF SPECIALAUTHORITIESJSON IS NOT NULL THEN
+SET SPECIALAUTHS = (
+SELECT LISTAGG ( TRIM ( FRAGMENT ) , ' ' )
+FROM TABLE (
+CISTOOLS . SPLIT_STRING (
+REGEXP_REPLACE (
+CAST (
+SPECIALAUTHORITIESJSON AS VARCHAR ( 1000 )
+CCSID 37 ) , '[\[|\]|\{|\}|\"|\,|\s+]' ,
+' ' ) , ' ' )
+)
+WHERE FRAGMENT <> ''
+AND FRAGMENT IS NOT NULL ) ;
+END IF ;
+-- Build the command
+SET CISTOOLS . SQL_STATEMENT = 'CRTUSRPRF USRPRF(' || AUTHORIZATIONNAME
+|| ')' ;
+IF TEXTDESCRIPTION IS NOT NULL THEN
+SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' TEXT(' ||
+CISTOOLS . GET_QUOTED ( TEXTDESCRIPTION ) || ')' ;
+END IF ;
+IF USERCLASSNAME IS NOT NULL THEN
+SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' USRCLS('
+|| USERCLASSNAME || ')' ;
+END IF ;
+IF STATUS IS NOT NULL THEN
+SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' STATUS('
+|| STATUS || ')' ;
+END IF ;
+IF SETPASSWORDTOEXPIRE IS NOT NULL THEN
+SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' PWDEXP('
+|| SETPASSWORDTOEXPIRE || ')' ;
+END IF ;
+IF USEROWNER IS NOT NULL THEN
+SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' OWNER(' ||
+USEROWNER || ')' ;
+END IF ;
+IF GROUPPROFILENAME IS NOT NULL THEN
+SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' GRPPRF('
+|| GROUPPROFILENAME || ')' ;
+END IF ;
+IF ACCOUNTINGCODE IS NOT NULL THEN
+SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' ACGCDE('
+|| ACCOUNTINGCODE || ')' ;
+END IF ;
+IF JOBDESCRIPTIONNAME IS NOT NULL THEN
+SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' JOBD(' ||
+JOBDESCRIPTIONNAME || ')' ;
+END IF ;
+IF OUTPUTQUEUENAME IS NOT NULL THEN
+SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' OUTQ(' ||
+OUTPUTQUEUENAME || ')' ;
+END IF ;
+IF MESSAGEQUEUENAME IS NOT NULL THEN
+SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' MSGQ(' ||
+MESSAGEQUEUENAME || ')' ;
+END IF ;
+IF LIMITCAPABILITIES IS NOT NULL THEN
+SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' LMTCPB('
+|| LIMITCAPABILITIES || ')' ;
+ELSE
+SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT ||
+' LMTCPB(*YES)' ;
+END IF ;
+IF SPECIALAUTHS IS NOT NULL
+AND LENGTH ( TRIM ( SPECIALAUTHS ) ) > 0 THEN
+SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' SPCAUT('
+|| SPECIALAUTHS || ')' ;
+END IF ;
+CALL CISTOOLS . SYSTEM ( CISTOOLS . SQL_STATEMENT ) ;
+-- Return JSON with specialAuthorities as array
+RETURN
+COALESCE (
+JSON_OBJECT (
+'success' : 'true' ,
+'data' VALUE (
+SELECT JSON_OBJECT (
+'authorizationName' VALUE CAST (
+AUTHORIZATION_NAME AS VARCHAR ( 256 ) CCSID 37 ) ,
+'tempPassword' VALUE CAST (
+AUTHORIZATION_NAME AS VARCHAR ( 256 ) CCSID 37 ) ,
+'textDescription' VALUE CAST (
+TEXT_DESCRIPTION AS VARCHAR ( 256 ) CCSID 37 ) ,
+'userClassName' VALUE CAST (
+USER_CLASS_NAME AS VARCHAR ( 256 ) CCSID 37 ) ,
+'status' VALUE CAST (
+STATUS AS VARCHAR ( 256 ) CCSID 37 ) ,
+'userOwner' VALUE CAST (
+USER_OWNER AS VARCHAR ( 256 ) CCSID 37 ) ,
+'groupProfileName' VALUE CAST (
+GROUP_PROFILE_NAME AS VARCHAR ( 256 ) CCSID 37 ) ,
+'accountingCode' VALUE CAST (
+ACCOUNTING_CODE AS VARCHAR ( 256 ) CCSID 37 ) ,
+'homeDirectory' VALUE CAST (
+HOME_DIRECTORY AS VARCHAR ( 256 ) CCSID 37 ) ,
+'limitCapabilities' VALUE CAST (
+LIMIT_CAPABILITIES AS VARCHAR ( 528 ) CCSID 37 ) ,
+'specialAuthorities' VALUE (
+SELECT JSON_ARRAYAGG (
+TRIM ( FRAGMENT )
+)
+FROM TABLE (
+CISTOOLS . SPLIT_STRING (
+TRIM (
+CAST (
+A . SPECIAL_AUTHORITIES AS
+VARCHAR ( 528 ) CCSID 37 ) ) , ' ' )
+)
+WHERE TRIM ( FRAGMENT ) <> '' ) ,
+'creationTimestamp' VALUE CREATION_TIMESTAMP
+)
+FROM QSYS2 . USER_INFO A
+WHERE AUTHORIZATION_NAME = UPPER ( AUTHORIZATIONNAME ) )
+FORMAT JSON
+) , JSON_OBJECT (
+'success' : 'false' , 'SQLInfo' VALUE JSON_OBJECT (
+'messageID' VALUE 'SQL02000' ,
+'message' VALUE 'Requested resouce not found ' ,
+'currentTimestamp' VALUE CURRENT_TIMESTAMP
+)
+) ) ;
+END ;
+
+GRANT ALTER , EXECUTE
+ON SPECIFIC FUNCTION SAILPOINT.ESICRTUSR
+TO AMAPICS WITH GRANT OPTION ;
+
+GRANT EXECUTE
+ON SPECIFIC FUNCTION SAILPOINT.ESICRTUSR
+TO PUBLIC ;
+
+GRANT ALTER , EXECUTE
+ON SPECIFIC FUNCTION SAILPOINT.ESICRTUSR
+TO QSECOFR WITH GRANT OPTION ;
+
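Review bot: Every parameter except TEXTDESCRIPTION is concatenated into the CRTUSRPRF string unquoted and unvalidated before `CALL CISTOOLS . SYSTEM`, so a value containing `)` can close its keyword and change the rest of the command; the SPECIALAUTHORITIESJSON regex strips brackets, braces, quotes and commas but leaves parentheses in place. Validate each value against an allow-list before the command is built, for example `IF REGEXP_LIKE ( AUTHORIZATIONNAME , '[^A-Za-z0-9$#@_]' ) THEN SIGNAL SQLSTATE '75001' SET MESSAGE_TEXT = 'Invalid profile name' ; END IF ;`, with `*` and `/` additionally permitted for the special-value and qualified-name parameters. The exposure is wider because the same patch grants EXECUTE to PUBLIC and sets `DYNUSRPRF = *OWNER`; which authority the command actually runs under depends on CISTOOLS.SYSTEM, which is not shown here, so confirm that and limit the grant to the provisioning service profile. The command also never sets PASSWORD and only sets PWDEXP when the caller passes it, while `'tempPassword'` echoes AUTHORIZATION_NAME, which suggests new profiles start with a password equal to the profile name and not expired.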