Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Global config Role Request Query

PHN
New Contributor III
New Contributor III

‎06/17/2024 09:54 AM - edited ‎06/17/2024 10:01 AM

Hello All,

Our requirement is to only expose project-specific enterprise roles to users. The project name is being stored at custom properties of user CP40 and role CP40. So we can compare role and user custom properties to make specific role request able. One role can only belong to one project but one user can belong to multiple projects. 

Using Request Roles Query in -> Global config

Case 1) when user is part of one project, this is working fine

Query: and rl.customproperty40 like concat('%',(select u.customproperty40 from Users u where u.id={currentUser}),'%')

Values: Role.customproperty40 = NOL-NORD

            User.customproperty40 = NOL-NORD

Case 2) User with multiple projects - Tried multiple ways to form query but no luck

Values: Role.customproperty40 = NOL-NORD

            User.customproperty40 = NOL-NORD,NOL-SUED

Query: and rl.customproperty40 like concat('%',(select replace(u.customproperty40, ',', '%\' or rl.customproperty40 like \'%')  from Users u where u.id={currentUser}),'%')

-> This is throwing error “illegalArgumentException, replace method is not supported in Hibernate query“

Query: and rl.customproperty40 in (select u.customproperty40 from Users u where u.id={currentUser})

-> This is failing because subquery only returns one row like this NOL-NORD,NOL-SUED

Query:   rl.customproperty40 in (select sv.customproperty17 from Users u, Savroles sv, User_savroles us where u.id=us.userkey and sv.id=us.rolekey and u.id={currentUser})

-> Failed because Savroles table is not exposed

 

Has anyone implemented a similar kind of query in Global config to compare multiple values in role requestable configuration?

 

Thanks,

Labels:
0 Kudos
4 REPLIES 4

rushikeshvartak
All-Star
All-Star

‎06/17/2024 10:19 AM

and (
rl.customproperty40 like concat('%', (select trim(substring_index(substring_index(u.customproperty40, ',', n.n), ',', -1))
from Users u, (select 1 as n union all select 2 union all select 3 union all select 4) n
where u.id = {currentUser} and char_length(u.customproperty40) - char_length(replace(u.customproperty40, ',', '')) >= n.n - 1), '%')
or rl.customproperty40 like concat('%', (select trim(substring_index(substring_index(u.customproperty40, ',', n.n + 1), ',', -1))
from Users u, (select 1 as n union all select 2 union all select 3 union all select 4) n
where u.id = {currentUser} and char_length(u.customproperty40) - char_length(replace(u.customproperty40, ',', '')) >= n.n), '%')
)


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

PHN
New Contributor III
New Contributor III
In response to rushikeshvartak

‎06/18/2024 02:39 AM

Thank you, Rushikesh,

Tried using the given query but it is throwing error. Seems it is not supporting the subqeury (select 1 as n union all select 2 union all select 3 union all select 4). it is working for you?

and rl.customproperty40 like concat('%', (select trim(substring_index(substring_index(u.customproperty40, ',', n.n), ',', -1)) from Users u, (select 1 as n union all select 2 union all select 3 union all select 4) n where u.id = {currentUser} and char_length(u.customproperty40) - char_length(replace(u.customproperty40, ',', '')) >= n.n - 1), '%')

----------------

2024-06-18T11:36:04+02:00-idwms-c.s.s.i.e.ControllerExceptionHandler-http-nio-9091-exec-8-g5spn-ERROR-Error : {}|java.lang.IllegalArgumentException: org.hibernate.hql.internal.ast.QuerySyntaxException: unexpected token: ( near line 1, column 225 [Select rl.id from com.saviynt.ssm.entity.Roles rl where 1=1 and rl.customproperty40 like concat('%', (select trim(substring_index(substring_index(u.customproperty40, ',', n.n), ',', -1)) from com.saviynt.ssm.entity.Users u, (select 1 as n union all select 2 union all select 3 union all select 4) n where u.id = 3666 and char_length(u.customproperty40) - char_length(replace(u.customproperty40, ',', '')) >= n.n - 1), '%')]| at org.hibernate.internal.ExceptionConverterImpl.convert(ExceptionConverterImpl.java:138) 

Thanks,

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to PHN

‎06/18/2024 08:05 PM

Not working in v24.6

rushikeshvartak_0-1718766297507.png

 


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

PHN
New Contributor III
New Contributor III

‎06/19/2024 02:07 AM

Thank you for checking.

0 Kudos
Copyright © 2024 Khoros, LLC