SET PATH *LIBL ; 

CREATE OR REPLACE FUNCTION SAILPOINT.ES_CHANGE_USER_PROFILE ( 
	AUTHORIZATIONNAME VARCHAR(10) , 
	TEXTDESCRIPTION VARCHAR(50) DEFAULT  NULL  , 
	USERCLASSNAME VARCHAR(10) DEFAULT  NULL  , 
	STATUS VARCHAR(10) DEFAULT  NULL  , 
	SETPASSWORDTOEXPIRE VARCHAR(10) DEFAULT  NULL  , 
	USEROWNER VARCHAR(10) DEFAULT  NULL  , 
	GROUPPROFILENAME VARCHAR(10) DEFAULT  NULL  , 
	ACCOUNTINGCODE VARCHAR(20) DEFAULT  NULL  , 
	JOBDESCRIPTIONNAME VARCHAR(10) DEFAULT  NULL  , 
	OUTPUTQUEUENAME VARCHAR(21) DEFAULT  NULL  , 
	MESSAGEQUEUENAME VARCHAR(21) DEFAULT  NULL  , 
	LIMITCAPABILITIES VARCHAR(10) DEFAULT  NULL  , 
	SPECIALAUTHORITIESJSON VARCHAR(1024) DEFAULT  NULL  , 
	HOMEDIRECTORY VARCHAR(255) DEFAULT  NULL  ) 
	RETURNS CLOB(2147483647)   
	LANGUAGE SQL 
	SPECIFIC SAILPOINT.ESCHGUSR 
	NOT DETERMINISTIC 
	MODIFIES SQL DATA 
	CALLED ON NULL INPUT 
	NOT FENCED 
	SET OPTION  ALWBLK = *ALLREAD , 
	ALWCPYDTA = *OPTIMIZE , 
	COMMIT = *NONE , 
	DBGVIEW = *SOURCE , 
	DECRESULT = (31, 31, 00) , 
	DYNDFTCOL = *NO , 
	DYNUSRPRF = *OWNER , 
	SRTSEQ = *HEX   
	BEGIN 
DECLARE SPECIALAUTHS VARCHAR ( 1000 ) ; 
DECLARE V_MESSAGE_ID VARCHAR ( 10 ) ; 
DECLARE V_MESSAGE_TEXT VARCHAR ( 2048 ) ; 
DECLARE V_STATUS VARCHAR ( 20 ) ; 
DECLARE CONTINUE HANDLER FOR SQLEXCEPTION 
BEGIN 
DECLARE V_SQLSTATE CHAR ( 5 ) ; 
DECLARE V_DB2_RETURN_CODE INT ; 
DECLARE V_DB2_MESSAGE_ID CHAR ( 7 ) ; 
DECLARE V_ERROR_MESSAGE CLOB ( 2048 ) ; 
-- Capture diagnostic info 
GET DIAGNOSTICS CONDITION 1 
V_DB2_RETURN_CODE = DB2_RETURNED_SQLCODE , 
V_SQLSTATE = RETURNED_SQLSTATE , 
V_ERROR_MESSAGE = MESSAGE_TEXT , 
V_DB2_MESSAGE_ID = DB2_MESSAGE_ID ; 
RETURN 
( 
VALUES JSON_OBJECT ( 
'success' VALUE 'false' , 'SQLInfo' VALUE JSON_OBJECT ( 
'SQLState' VALUE V_SQLSTATE , 
'SQLCode' VALUE V_DB2_RETURN_CODE , 
'messageID' VALUE V_DB2_MESSAGE_ID , 
'message' VALUE V_ERROR_MESSAGE , 
'currentTimestamp' VALUE CURRENT_TIMESTAMP 
) 
) ) ; 
END ; 
IF SPECIALAUTHORITIESJSON IS NOT NULL THEN 
SET SPECIALAUTHS = ( 
SELECT LISTAGG ( TRIM ( FRAGMENT ) , ' ' ) 
FROM TABLE ( 
CISTOOLS . SPLIT_STRING ( 
REGEXP_REPLACE ( 
CAST ( 
SPECIALAUTHORITIESJSON AS VARCHAR ( 1000 ) 
CCSID 37 ) , '[\[|\]|\{|\}|\"|\,|\s+]' , 
' ' ) , ' ' ) 
) 
WHERE FRAGMENT <> '' 
AND FRAGMENT IS NOT NULL ) ; 
END IF ; 
SET CISTOOLS . SQL_STATEMENT = 'CHGUSRPRF USRPRF(' || AUTHORIZATIONNAME 
|| ')' ; 
IF TEXTDESCRIPTION IS NOT NULL THEN 
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' TEXT(' || 
CISTOOLS . GET_QUOTED ( TEXTDESCRIPTION ) || ')' ; 
END IF ; 
IF USERCLASSNAME IS NOT NULL THEN 
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' USRCLS(' 
|| USERCLASSNAME || ')' ; 
END IF ; 
IF STATUS IS NOT NULL THEN 
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' STATUS(' 
|| STATUS || ')' ; 
END IF ; 
IF SETPASSWORDTOEXPIRE IS NOT NULL THEN 
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' PWDEXP(' 
|| SETPASSWORDTOEXPIRE || ')' ; 
END IF ; 
IF USEROWNER IS NOT NULL THEN 
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' OWNER(' || 
USEROWNER || ')' ; 
END IF ; 
IF GROUPPROFILENAME IS NOT NULL THEN 
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' GRPPRF(' 
|| GROUPPROFILENAME || ')' ; 
END IF ; 
IF ACCOUNTINGCODE IS NOT NULL THEN 
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' ACGCDE(' 
|| ACCOUNTINGCODE || ')' ; 
END IF ; 
IF JOBDESCRIPTIONNAME IS NOT NULL THEN 
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' JOBD(' || 
JOBDESCRIPTIONNAME || ')' ; 
END IF ; 
IF OUTPUTQUEUENAME IS NOT NULL THEN 
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' OUTQ(' || 
OUTPUTQUEUENAME || ')' ; 
END IF ; 
IF MESSAGEQUEUENAME IS NOT NULL THEN 
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' MSGQ(' || 
MESSAGEQUEUENAME || ')' ; 
END IF ; 
IF LIMITCAPABILITIES IS NOT NULL THEN 
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' LMTCPB(' 
|| LIMITCAPABILITIES || ')' ; 
END IF ; 
-- Handle specialAuthorities update 
IF SPECIALAUTHORITIESJSON IS NOT NULL THEN 
SET SPECIALAUTHS = ( 
SELECT LISTAGG ( TRIM ( FRAGMENT ) , ' ' ) 
FROM TABLE ( 
CISTOOLS . SPLIT_STRING ( 
REPLACE ( 
REPLACE ( SPECIALAUTHORITIESJSON , '[' , '' ) , 
']' , '' ) , ',' ) 
) ) ; 
END IF ; 
IF HOMEDIRECTORY IS NOT NULL THEN 
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' HOMEDIR(' 
|| CISTOOLS . GET_QUOTED ( HOMEDIRECTORY ) || ')' ; 
END IF ; 
IF SPECIALAUTHS IS NOT NULL 
AND LENGTH ( TRIM ( SPECIALAUTHS ) ) > 0 THEN 
SET CISTOOLS . SQL_STATEMENT = CISTOOLS . SQL_STATEMENT || ' SPCAUT(' 
|| SPECIALAUTHS || ')' ; 
END IF ; 
CALL CISTOOLS . SYSTEM ( CISTOOLS . SQL_STATEMENT ) ; 
-- Return JSON with specialAuthorities as array 
RETURN 
COALESCE ( 
( 
SELECT JSON_OBJECT ( 
'success' VALUE 'true' , 
'authorizationName' VALUE AUTHORIZATION_NAME , 
'textDescription' VALUE TEXT_DESCRIPTION , 
'userClassName' VALUE USER_CLASS_NAME , 
'status' VALUE STATUS , 
'groupProfileName' VALUE GROUP_PROFILE_NAME , 
'homeDirectory' VALUE HOME_DIRECTORY , 
'specialAuthorities' VALUE ( 
SELECT JSON_ARRAYAGG ( 
TRIM ( FRAGMENT ) 
) 
FROM TABLE ( 
CISTOOLS . SPLIT_STRING ( 
TRIM ( 
CAST ( 
A . SPECIAL_AUTHORITIES AS VARCHAR ( 
528 ) CCSID 37 ) ) , ' ' ) 
) 
WHERE TRIM ( FRAGMENT ) <> '' ) , 
'lastUsedTimestamp' VALUE LAST_USED_TIMESTAMP 
) 
FROM QSYS2 . USER_INFO A 
WHERE AUTHORIZATION_NAME = UPPER ( AUTHORIZATIONNAME ) ) , 
JSON_OBJECT ( 
'success' : 'false' , 'SQLInfo' VALUE JSON_OBJECT ( 
'messageID' VALUE 'SQL02000' , 
'message' VALUE 'Requested resouce not found ' , 
'currentTimestamp' VALUE CURRENT_TIMESTAMP 
) 
) ) ; 
END  ; 

GRANT ALTER , EXECUTE   
ON SPECIFIC FUNCTION SAILPOINT.ESCHGUSR 
TO AMAPICS WITH GRANT OPTION ; 

GRANT EXECUTE   
ON SPECIFIC FUNCTION SAILPOINT.ESCHGUSR 
TO PUBLIC ;