We are trying to use Role Metadata in workflow (in if/else block or custom assignment). Whereas what we have observed is using the variable the request is not getting submitted. If possible can you please share as well as publish the details for extracting the same :
1. In If/Else Condition, how to check if Role Custom Property has any value. (Ex: role--> CustomProperty1 contains Yes)
2. How to check the values for following Role parameters in If/Else Workflow block :
Sox Critical, Sys Critical, Privileged, Confidentiality, Role Type
3. Assign Request for approvals to all Role Owners or Owners with specific rank?
4. Help with following Query :
a) Complete role details like Role Name, Owner, Entitlement Associated & Entitlement Owner of that Role.
Solved! Go to Solution.
You can use OOTB variable 'entitlement' in approval workflow to refer to the application role name and its properties.
I hope this will help you to get the answers for your remaining queries, try and let us know.
Persistent Systems Ltd.
I referred this document and could not find anything that would help to identify role related metadata information using OOTB variable 'entitlement' .
If possible, can you please share sample:
How can i fetch custom property/Sox Critical/Sys Critical/Privileged/Confidentiality/Role Type information in if/else workflow condition
Refer to the following freshdesk documentation for workflow components. You will find sample conditions which you can use.
Persistent Systems Ltd.
I tried using the below :
1. role.customproperty1='Yes' --> use role custom property
2. entitlement.allowner.contains(requestedBy.username) -- Check for Entitlement owner as requestor
3.Checking role is sox critical
role.soxcritical = High
role.soxcritical > 1
4.To auto approve the new role requests when the condition matches the role owner and the requestor.
role.getOwnerRank1().contains(user.username) eq true
All above sample gave error and request was not submitted. Need assistance
Are there any specific errors ? Are you not able to submit the request itself ?
Perhaps, looking at the logs and analyzing will help.
Attached the logs
Yes, even I identified that variable not exposed.
I don't have access to application.properties access for customer env. I only have this information : Saviynt v5.5SP3
Anyhow, can you please help me answering the below query:
a) How to check if the requestor/requestee is not the owner of Role for which request is being raised in if/else block workflow?
b) Condition to check sox critical, Confidentiality, Privileged,Sys Critical of the role in if/else block workflow?
c) How To auto approve the new role requests when the condition matches the role owner and the requestor?
Please refer to the link below for documentations on some of your questions.
Have you tried using these ? Are these not working, any errors that you see that might help troubleshoot your issue ?
Following are few points :
a) How to check if the requestor/requestee is not the owner of Role for which request is being raised in if/else block workflow? --> There is no such example shared.
b) Condition to check sox critical, Confidentiality, Privileged,Sys Critical of the role in if/else block workflow? --> There is no such example shared. I tried using role.confidentiality but says role object not exposed.
c) How To auto approve the new role requests when the condition matches the role owner and the requestor? --> role.getOwnerRank1().contains(user.username) eq true
Tried using above condition but same error, role object not exposed.
If role object is not working have you tried the entitlement object ?
What is the attribute name to be used for :
a) sox critical, Confidentiality, Privileged,Sys Critical with entitlement object?
b) entitlement.getOwnerRank1().contains(user.username) eq true
using above condition, the task is getting assigned to admin
You can try using the variable names all in lower case. for e.g. entitlement.soxcritical, entitlement.syscritical etc
Just keep in mind that Saviynt stores these values as numeric values in the backend database, for e.g.
Very Low = 1
Low = 2
Medium = 3
High = 4
very High = 5
For the second question, I'm assuming that the expression is now getting resolved.
Based on your requirement, you can use the workflow components to re-direct the "true" outcome from the if/else to any workflow component that you want, i.e. CustomAssignment, Resource Owner Approval etc
The expression entitlement.privileged is not working:
javax.el.PropertyNotFoundException: Property [privileged] not found on type [com.saviynt.ecm.identitywarehouse.domain.Roles]
Based on the error, it doesnt seem like the privileged attribute is exposed. May I know which Saviynt version you are on ?
Hi Avinash, we are on version 5.5 SP 3.7.3.
Can you try with the below format, (Note : There's a typo in the variable name).
thanks, this does work.
Is their a way how I can find out the available variables and their naming?
I do see a section under workflow creation called help.
If this can be enhanced to provide supported variables would be great?
Thanks and Regards,
As of now, what we have is the documentation or the help feature as Manish suggested.
We will definately provide your feedback to the PM team.