This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RSA® Identity Governance & Lifecycle Discussions

Discussions about RSA Identity Governance & Lifecycle.
PaulDuer
Beginner
Beginner
‎2016-05-24 11:19 AM

How do single quotes work in SQL with patch 13 for 6.9.1?

Jump to solution

Okay, we have a request worflow with the SQL below as it's first node:

 

SELECT  NVL(supervisor_id,0) AS supervisor_id, CASE

  WHEN supervisor_id is null THEN '311'  ELSE ''

  END IS_SUP_UPDATED  from           T_MASTER_ENTERPRISE_USERS

  WHERE user_id = '${access_request_cri_meu_userId}'

 

Before patch 13, everything worked FINE. Now we get this error:

 

nested exception is: java.sql.SQLException: ORA-00933: SQL command not properly ended Error occurred in Statement #1 in Script ID 17:WPDS, Script Name = 'SQL Query', Script type = 'Action'. Job ID = 170625:WPDS, Process Ref = 'WF_RR_8900', Node Name = 'Null Supervisor', WorkItem = 1034344:WPDS:1

 

 

What are the NEW rules around single quotes?

 

We know that USER_ID is a NUMBER in the master users table. So WHY when I remove the single quotes from the where clause does it break?

 

Is it because of the VIA parameter right there? Will the SQL processor just plain not save that?

 

What gives?

Reply
1 Solution

Accepted Solutions
ReubenFisher
Employee
Employee
‎2016-05-24 01:28 PM

Jump to solution

I believe the issue is that we now keep the quotes as literal quotes that are concatenated to the variable value.

So - If we start with ‘${x}’

  1. For execution, we change it to ‘’ || ? || ‘’ and then execute a prepared statement
  2. For design-time validation, we are executing a static sql statement so  we change it to ‘’ || 0 || ‘’

I am working on changing the processing as follows:

  1. Remove the quotes around the variable name so they are ignored. This is the original intent of the sql.
  2. Use a prepared statement for design-time validation

View solution in original post

Reply
4 Replies
ReubenFisher
Employee
Employee
‎2016-05-24 01:28 PM

Jump to solution

I believe the issue is that we now keep the quotes as literal quotes that are concatenated to the variable value.

So - If we start with ‘${x}’

  1. For execution, we change it to ‘’ || ? || ‘’ and then execute a prepared statement
  2. For design-time validation, we are executing a static sql statement so  we change it to ‘’ || 0 || ‘’

I am working on changing the processing as follows:

  1. Remove the quotes around the variable name so they are ignored. This is the original intent of the sql.
  2. Use a prepared statement for design-time validation

View solution in original post

Reply
PaulDuer
Beginner
Beginner
In response to ReubenFisher
‎2016-05-24 01:34 PM

Jump to solution

Thanks Reuben, that does help a lot.

 

Looking at my original SQL, I *think* now that the '${access_request_cri_meu_userId}' variable is JUNK.

 

I don't think it exists! I think that our original DEV built this SQL and they got a result that was a FALSE positive!

 

Workpoint has been driving me nuts that it doesn't do compile time checking of types that they are defined and initialized.

 

I really want to just dump this all out to a C# based WebService where I can log out WHAT I got in!

0 Likes
Reply
ReubenFisher
Employee
Employee
In response to PaulDuer
‎2016-05-26 12:12 AM

Jump to solution

I'm not up to speed on the workflow editor sql syntax and all of its peculiarities. But I'm working on it.
I am currently workng on a more comprehensive fix for several issued related to how we handle parameter names with prepared statements.

 

Glad this was helpful. Were you able to work around it?

0 Likes
Reply
SabthamiS
Beginner
Beginner
In response to ReubenFisher
‎2017-05-02 12:16 PM

Jump to solution

Hi Reuben,

 

I have a similar issue after the upgrade. Hope you can help on the below thread. I'm not sure which part of the SQL 

Query needs to be updated.Kindly help me on this.

 

Invalid column index - SQL Query Node 

 

Many thanks in advance !!!

 

Regards,

Sabthami Subramanian

0 Likes
Reply
© 2020 RSA Security LLC or its affiliates.
All rights reserved.