|
2 | 2 |
|
3 | 3 | All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/), and this project adheres to [Semantic Versioning](https://semver.org/). |
4 | 4 |
|
5 | | -## [2.0.0] - 2025-12-24 |
| 5 | +## [2.0.0] - 2026-01-07 |
6 | 6 |
|
7 | | -This is a major release of HelloID-Conn-Prov-Target-Blacklist-SQL with significant enhancements to match the CSV blacklist connector functionality and Tools4ever V2 connector standards. |
| 7 | +This is a major release of HelloID-Conn-Prov-Target-Blacklist-SQL with significant enhancements to match the CSV blacklist connector functionality and Tools4ever V2 connector standards, plus major improvements to code maintainability, configurability, and operational transparency. |
8 | 8 |
|
9 | 9 | ### Added |
10 | 10 |
|
11 | | -- **Retention period support**: Configurable retention period for deleted values with automatic expiration logic |
12 | | -- **Cross-check validation**: Support for `crossCheckOn` configuration to validate uniqueness across different attribute types (e.g., checking if an email exists as a proxy address) |
13 | | -- **keepInSyncWith functionality**: Automatic cascading of non-unique status across related fields |
14 | | -- **Skip optimization**: Redundant database queries are automatically skipped once a field is marked non-unique |
15 | | -- **Multiple records handling**: Improved logic to filter by employeeId when multiple rows are found |
16 | | -- **Enhanced error handling**: New action types `OtherEmployeeId` and `MultipleFound` with detailed error messages |
17 | | -- **Timestamp tracking**: Added `whenCreated`, `whenUpdated`, and `whenDeleted` columns with proper datetime2(7) precision |
18 | | -- **Comprehensive documentation**: Restructured README with use cases, supported features table, and V2 template compliance |
19 | | -- **Credential support**: Full SQL authentication support with secure credential initialization |
| 11 | +- Retention period support with configurable duration for deleted values and automatic expiration logic |
| 12 | +- `retentionPeriod` configuration parameter to specify how many days deleted values remain blocked before reuse |
| 13 | +- Cross-check validation via `crossCheckOn` configuration to validate uniqueness across different attribute types (e.g., checking if an email exists as a proxy address) |
| 14 | +- `keepInSyncWith` functionality to replace legacy `syncIterations` approach, providing automatic cascading of non-unique status across related fields |
| 15 | +- `$allowSelfUsage` configuration in `checkOnExternalSystemsAd.ps1` to control whether persons can reuse their own values (replaces `$excludeSelf`) |
| 16 | +- `$fieldsToCheck` object-based configuration in `checkOnExternalSystemsAd.ps1` to replace simple `$attributeNames` array |
| 17 | +- Skip optimization to automatically skip redundant database queries once a field is marked non-unique |
| 18 | +- Action types `OtherEmployeeId` and `MultipleFound` for enhanced error handling with detailed error messages |
| 19 | +- Database columns `whenCreated` and `whenUpdated` with datetime2(7) precision for timestamp tracking |
| 20 | +- PowerShell-based timestamp generation using `Get-Date -Format "yyyy-MM-ddTHH:mm:ss.fff"` for consistent datetime2(7) precision |
| 21 | +- Detailed audit logging in Update and Delete actions showing exactly which fields are modified and their new values |
| 22 | +- `#region Configuration` block in `checkOnExternalSystemsAd.ps1` for better code organization |
| 23 | +- README section "Configuring checkOnExternalSystemsAd.ps1" with detailed configuration examples |
| 24 | +- README warnings for retention period synchronization and initial configuration requirements |
| 25 | +- README use cases section explaining practical applications of the blacklist connector |
| 26 | +- README supported features table documenting available capabilities |
20 | 27 |
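Review bot: The Added entries for `$allowSelfUsage` (replaces `$excludeSelf`) and `$fieldsToCheck` (replaces `$attributeNames`) describe breaking configuration changes in `checkOnExternalSystemsAd.ps1`, but the Deprecated and Removed sections further down only mention `syncIterations` and `whenDeleted`. For a major release, list `$excludeSelf` and `$attributeNames` under Deprecated or Removed and state the default of `$allowSelfUsage` and how an existing `$excludeSelf` value maps to it, since that setting decides whether a value counts as unique for the person who already holds it. Separately, the timestamp entry promises "consistent datetime2(7) precision", but the format string `yyyy-MM-ddTHH:mm:ss.fff` emits only three fractional digits and no time zone offset; reword it as millisecond-resolution values stored in `datetime2(7)` columns and say whether the value is local time or UTC, because the retention period is calculated from it.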
|
21 | 28 | ### Changed |
22 | 29 |
|
23 | | -- **Create script**: Restructured to match CSV connector format with improved action calculation logic |
24 | | -- **Update script**: Aligned with create script logic including retention period validation |
25 | | -- **Delete script**: Rewritten to process per-attribute instead of bulk updates, matching CSV structure |
26 | | -- **checkOnExternalSystemsAd.ps1**: Complete rewrite with advanced field checking configuration and retention period awareness |
27 | | -- **fieldMapping.json**: Updated to match CSV structure exactly (employeeId only for Create, attributes for Create/Update/Delete) |
28 | | -- **Logging**: Changed from Write-Information intentions to result-based logging; adjusted log levels (unique=Information, non-unique=Warning) |
29 | | -- **Audit logs**: Moved inside non-dryRun blocks to prevent audit entries during preview mode |
30 | | -- **SQL queries**: Simplified UPDATE queries to only modify `whenDeleted` and `whenUpdated` fields |
31 | | -- **Account reference**: Moved to absolute top of create script for consistency |
32 | | - |
33 | | -### Fixed |
34 | | - |
35 | | -- **SQL syntax errors**: Fixed bracket joining in SELECT queries that caused "missing or empty column name" errors |
36 | | -- **UPDATE query logic**: Removed employeeId from SET clause and added to WHERE clause for proper record targeting |
37 | | -- **Credential initialization**: Fixed missing credential code in checkOnExternalSystemsAd.ps1's Invoke-SQLQuery function |
38 | | -- **Configuration**: Removed invalid type field from retentionPeriod configuration |
| 30 | +- Create script restructured to match CSV connector format with improved action calculation logic |
| 31 | +- Update script aligned with Create script logic including retention period validation |
| 32 | +- Delete script rewritten to process per-attribute instead of bulk updates |
| 33 | +- `whenDeleted` column type changed from `date` to `datetime2(7)` for precision and consistency |
| 34 | +- checkOnExternalSystemsAd.ps1 field checking logic enhanced with retention period awareness and cross-attribute validation |
| 35 | +- fieldMapping.json updated to match CSV structure (employeeId only for Create, attributes for Create/Update/Delete) with Complex mapping mode using conditional logic |
| 36 | +- Credential initialization in checkOnExternalSystemsAd.ps1's Invoke-SQLQuery function now properly creates SqlCredential object |
| 37 | +- Configuration comments expanded with detailed explanations of field checking logic, cross-checking, and field synchronization |
| 38 | +- README lifecycle action descriptions enhanced with detailed scenario coverage including retention period behavior |
| 39 | +- README additional scripts descriptions improved with retention period logic details |
| 40 | +- Logging changed from Write-Information intentions to result-based logging with adjusted log levels (unique=Information, non-unique=Warning) |
| 41 | +- Audit logs moved inside non-dryRun blocks to prevent audit entries during preview mode |
| 42 | +- SQL UPDATE queries simplified to only modify `whenDeleted` and `whenUpdated` fields |
| 43 | +- Account reference moved to absolute top of create script for consistency |
| 44 | +- Update and Delete actions refactored to build SET clauses dynamically from object properties |
| 45 | +- Logging in checkOnExternalSystemsAd.ps1 improved to distinguish between self-usage scenarios and retention period validations |
39 | 46 |
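Review bot: The `### Fixed` section is deleted here and three of its four entries (the SELECT bracket-joining error, the UPDATE change that moved employeeId from the SET clause to the WHERE clause, and the invalid type field on retentionPeriod) disappear from the changelog entirely; only the credential fix survives, reworded under Changed as "now properly creates SqlCredential object". Keep a Changelog defines a Fixed category, so keep the section and leave those entries there, as anyone upgrading from a build that had these bugs needs to see they were corrected. The new entry "Update and Delete actions refactored to build SET clauses dynamically from object properties" should also state where the column names come from and whether the values are bound as SQL parameters, since an entry about dynamically assembled SQL is the first thing a security reviewer of this connector will ask about.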
|
40 | 47 | ### Deprecated |
41 | 48 |
|
42 | 49 | - Legacy syncIterations and syncIterationsAttributeNames approach replaced by keepInSyncWith configuration |
43 | 50 |
|
44 | 51 | ### Removed |
45 | 52 |
|
46 | | -- `whenDeleted` field from fieldMapping.json (managed internally by scripts) |
| 53 | +- `whenDeleted` field from fieldMapping.json (now managed internally by scripts) |
47 | 54 | - Unnecessary Write-Information statements for action intentions |
48 | 55 |
|
49 | 56 | ## [1.1.0] - 2024-12-12 |
|