This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Hiding admin accounts

CRashmitha
New Contributor
New Contributor

‎06/29/2023 04:19 AM

Hello Team,

We have a required where Users with ROLE_ADMIN sav role should be the only one to request access for other users with ROLE_ADMIN. 

If the user is having Enduser savrole then that should not be able to request for the user who is having Admin Savrole.

We are trying to acheive it by Admin-->identity repository-->Savroles-->Advanced query

Can someone help me with the sample query.

Regards,

Rashmitha

Labels:
0 Kudos
8 REPLIES 8

rushikeshvartak
All-Star
All-Star

‎06/29/2023 04:40 AM

Hide on request for access ?


Regards,
Rushikesh Vartak
0 Kudos

CRashmitha
New Contributor
New Contributor

‎06/29/2023 04:43 AM

Hello Rushikesh,

Yes whenever the user is raising for the request access for others, the ADMIN accounts should be hide for the users who is having enduser savrole.

Regards,

Rashmitha

0 Kudos

rushikeshvartak
All-Star
All-Star
In response to CRashmitha

‎06/29/2023 04:45 AM - edited ‎06/29/2023 05:59 AM

You can manage in access query of endpoint

userkey not in(select userkey from user_savroles where rolekey=1)


Regards,
Rushikesh Vartak
0 Kudos

naveenss
All-Star
All-Star

‎06/29/2023 05:24 AM

Hi @CRashmitha ,

If your requirement is to not show the endusers savroles users with the users having ROLE_ADMIN sav role. Try the below query in the "Whom to Request" option as a JSON in the ROLE_ENDUSER sav role.

[{"for":"RequestAccessforOthers","query":"select a from Users a where a.statuskey = 1 and a.id not in (select userkey from User_savroles where rolekey=1)"}]

 

Regards,
Naveen Sakleshpur
If this reply answered your question, please click the Accept As Solution button to help future users who may have a similar problem.
0 Kudos

CRashmitha
New Contributor
New Contributor

‎07/10/2023 02:12 AM

Hello @naveenss our requirement is if the user is having Enduser savrole then that user should not be able to request for the user who is having Admin Savrole.

We have tried with the below query, and we are able to see only one user under request for others tab

[{"for":"RequestAccessforOthers","query":"select a from Users a where a.statuskey = 1 and a.id not in (select userkey from User_savroles where rolekey=1)"}]

0 Kudos

naveenss
All-Star
All-Star
In response to CRashmitha

‎07/10/2023 03:09 AM - edited ‎07/10/2023 03:09 AM

can you execute the below query in data analyzer and see how many records you're getting?

 

select count(1) from users a where a.statuskey = 1 and a.userkey not in (select userkey from user_savroles where rolekey=1)

 

Regards,
Naveen Sakleshpur
If this reply answered your question, please click the Accept As Solution button to help future users who may have a similar problem.
0 Kudos

CRashmitha
New Contributor
New Contributor

‎07/10/2023 04:19 AM

Hello @naveenss , I am fetching more than 10k records.

As part of testing we have created one Enduser savrole and testing with the below query and able to see all the records i mean more than 10k records under request access for others.

[{"for":"RequestAccessforOthers","query":"select a from Users a where a.statuskey = 1 and a.id not in (select userkey from User_savroles where rolekey=1)"}]

0 Kudos

naveenss
All-Star
All-Star
In response to CRashmitha

‎07/10/2023 06:26 AM

Ok.  Is this resolved? Anymore open issues?

Regards,
Naveen Sakleshpur
If this reply answered your question, please click the Accept As Solution button to help future users who may have a similar problem.
0 Kudos
Copyright © 2023 Khoros, LLC