Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Market specific roles are not visible to few users.

deepali198
New Contributor
New Contributor

Hi,

We have configured role type query at endpoint level to show roles based on user type and custom properties (Market Value).

We have observed that foe few users all the roles are not visible. After checking logs, we found that for the users which roles are not visible in the logs ' r.id not in' contains all the roles specific to endpoint instead of 'r.id not in(-1)' for which it is working fine.

Working query: 

2024-05-08 13:48:46,969 [https-jsse-nio-443-exec-425] DEBUG workflow.WorkflowmanagementController  - listQry:select r from Roles r  where r.status=1 and r.requestable=true and r.roletype=4 and r.endpointkey=1153  and r.id not in(318360, 318372, 318364)  and r.id not in(-1)  and ((r.customproperty6 = 'NL - Netherlands' and (((r.customproperty5=(select u2.customproperty55 from Users u2 where u2.username='1000005122')) or r.customproperty5 is null or r.customproperty5 =''))))   order by r.role_name asc

User with above issue:

2024-05-08 13:05:00,254 [https-jsse-nio-443-exec-352] DEBUG workflow.WorkflowmanagementController  - listQry:select r from Roles r  where r.status=1 and r.requestable=true and r.roletype=4 and r.endpointkey=1153  and r.id not in(318224, 318225)  and r.id not in(196611, 262148, -1, 196610, 262149, 196609, 262150, 196608, 262151, 196615, 262144, 196614, 262145, 196613, 262146, 196612, 262147)  and ((r.customproperty6 = 'GR - Greece' and (((r.customproperty5=(select u2.customproperty55 from Users u2 where u2.username='1000139710')) or r.customproperty5 is null or r.customproperty5 =''))))   order by r.role_name asc

Can you please help to understand what the issue could be.

7 REPLIES 7

Manu269
All-Star
All-Star

Did you  validate the query via analyzer?

Please add screenshots (hiden sensitive Information) for further review.

Regards
Manish Kumar
If the response answered your query, please Accept As Solution and Kudos
.

naveenss
All-Star
All-Star

Hi @deepali198 please check if there is any pending task related to the entitlement associated with the endpoint specific role. 

 

Regards,
Naveen Sakleshpur
If this reply answered your question, please click the Accept As Solution button to help future users who may have a similar problem.

Yes it is Naveen, There are few pending tasks  entitlement associated with the role is there.. is it causing the issue?

 

Yes @debrbasu I've seen this behavior in the past for one of the integration. Try discontinuing/completing the task and check the behavior.

 

Regards,
Naveen Sakleshpur
If this reply answered your question, please click the Accept As Solution button to help future users who may have a similar problem.

@naveenss Do you know if this known issue or product behavior. Any workaround for this issue?

itinjic
Regular Contributor
Regular Contributor

Based on the information provided, it seems that the issue may be with the "r.id not in" condition in the query.

In the working query, you have "r.id not in(-1)", which means that you are excluding role IDs equal to -1. This is a common practice to exclude any invalid or default ID values.

However, in the query for the user with the issue, you have a long list of role IDs in the "r.id not in" condition. This may be causing the roles to not be visible for that user.

To fix this issue, you can modify the query to include "r.id not in(-1)" for all cases, regardless of whether the user has specific role IDs to exclude. This will ensure that the roles are visible for all users.

Modified query for the user with the issue:

 

```
select r from Roles r where r.status=1 and r.requestable=true and r.roletype=4 and r.endpointkey=1153 and r.id not in(318224, 318225, -1) and ((r.customproperty6 = 'GR - Greece' and (((r.customproperty5=(select u2.customproperty55 from Users u2 where u2.username='1000139710')) or r.customproperty5 is null or r.customproperty5 ='')))) order by r.role_name asc
```

By including "r.id not in(-1)" in the query, you ensure that the roles with ID -1 are not excluded for any user. This should make all roles visible for the user in question.

If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

rushikeshvartak
All-Star
All-Star

This is expected behavior reason as below

  • pending task for user and entitlement.
  •  
  • User will be able to see entitlements only when all pending tasks has been completed  

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.