Multi Level Workflow

SwagatDas13
New Contributor III

Hi All,

We are trying to create an application role workflow for a custom application which will check 3 things:

1. Role Owner rank 1

2. Role Owner rank 2

3. group approval

Scenario 1 : Start -> First the approval process will go to role owner rank 1 approver. Once that is done it should go to Role owner rank 2 approver. -->end

Scenario 2 : Start --> If there is no owner in rank 1 then it should directly go to rank 2 approver -->end

Scenario 3 : Start --> If there is a user group assigned(It should go to approvers present in user group) and then it should go to rank 2 approver -->end

(There will be no approver present in Role owner rank 1 in the 3rd scenario.)

 

Can we create a single workflow which will satisfy those 3 scenarios? It will be very helpful if anyone can guide on this.

Thanks


NM
Honored Contributor III

@SwagatDas13 yes, it is possible to fulfill the requirement using a single workflow.


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

SwagatDas13
New Contributor III

Hi @NM ,

Thanks for the response. Could you please help with how we can achieve this? Or what queries do we have to provide to achieve this?

NM
Honored Contributor III

@SwagatDas13 if else condition to check owner rank 

role.getOwnerRank1().size() eq 0



SwagatDas13
New Contributor III

What about the group approval? We can create a user group but there is nothing we can directly assign as an owner group.

If we add the user group name in a CP value of role then how can we fetch that in workflow?

NM
Honored Contributor III

@SwagatDas13 use a custom assignment block.

In the custom assignment block select customquery from dropdown and then write your query to fetch the user group users matching the custom property of role.



rushikeshvartak
All-Star

Scenario 1 : Start -> First the approval process will go to role owner rank 1 approver. Once that is done it should go to Role owner rank 2 approver. -->end  entitlement.getOwnerRank1().size() eq 0

Scenario 2 : Start --> If there is no owner in rank 1 then it should directly go to rank 2 approver -->end entitlement.getOwnerRank1().size() eq 0 

Scenario 3 : Start --> If there is a user group assigned(It should go to approvers present in user group) and then it should go to rank 2 approver -->end [What do you mean by user group assigned? It's assigned to whom? Approver/requestor/requestee?]


Regards,
Rushikesh Vartak

Thank you for your solution @rushikeshvartak. The user group is not assigned to anyone. Actually we have a requirement where some specific roles have 1st level : Group Approval (multiple users) and 2nd level : Role owner.

So I have created a user group and added multiple users in that group, and I want to fetch those users whenever the specific role is requested.

  • I am assuming group name same as Role Name then 
  • using Custom Assignment block and Custom Query 
  • Query will 

 

select ugu.userkey  from Usergroup_users ugu ,user_groups ug where ugu.user_groupkey=ug.USERGROUPKEY and user_groupname='${REQUESTACCESSOBJ.role_name}'

 


Regards,
Rushikesh Vartak

What if we create the user group name as something different and store that group name in the role CP?

That works

select ugu.userkey  from Usergroup_users ugu ,user_groups ug where ugu.user_groupkey=ug.USERGROUPKEY and user_groupname='${REQUESTACCESSOBJ.customproperty11}'

Regards,
Rushikesh Vartak

wfff.PNG

Do I have to add custom query to fetch rank 2 owner : select userkey from role_owners where rolekey=${REQUESTACCESSOBJ.id} and rank in (2)

What I want to achieve is for some role it should work from Role rank 1 -> Role rank 2 and if Role Rank 1 is not there then to check if there is User group -> Role Rank 2 and if both role rank 1 and user group not present then it should go directly to Role rank 2.

This workflow didn't work; it gave an error when we submitted the request.

Did you validate the logs?


Regards,
Rushikesh Vartak

Will Check, but need to confirm if the above workflow should work or not. Could you please confirm that.

You need to segregate account vs entitlement, as Entitlement will only have owner. Also, if workflow is assigned to security system, then entitlement.getOwnerRank2()


Regards,
Rushikesh Vartak

I have tried to make some changes but it is giving below error in logs :

 

ERROR Exception in workflow service
"org.jbpm.api.JbpmException: script evaluation error: javax.script.ScriptException: java.lang.NullPointerException: Cannot invoke method getOwnerRank1() on null object at org.jbpm.pvm.internal.script.ScriptManager.evaluate(ScriptManager.java:127) at org.jbpm.pvm.internal.script.ScriptManager.evaluate(ScriptManager.java:115) at org.jbpm.pvm.internal.script.ScriptManager.evaluateExpression(ScriptManager.java:87) at org.jbpm.pvm.internal.el.ScriptExpression.evaluateInScope(ScriptExpression.java:48) at org.jbpm.pvm.internal.el.Expression.evaluate(Expression.java:108) at org.jbpm.pvm.internal.model.ExpressionCondition.evaluate(ExpressionCondition.java:41) at org.jbpm.jpdl.internal.activity.DecisionConditionActivity.findTransitionUsingConditions(DecisionConditionActivity.java:62) at org.jbpm.jpdl.internal.activity.DecisionConditionActivity.execute(DecisionConditionActivity.java:47) at org.jbpm.jpdl.internal.activity.DecisionConditionActivity.execute(DecisionConditionActivity.java:43) at org.jbpm.pvm.internal.model.op.ExecuteActivity.perform(ExecuteActivity.java:60) at org.jbpm.pvm.internal.model.ExecutionImpl.performAtomicOperationSync(ExecutionImpl.java:672) at org.jbpm.pvm.internal.model.ExecutionImpl.performAtomicOperation(ExecutionImpl.java:632) at org.jbpm.pvm.internal.model.ExecutionImpl.start(ExecutionImpl.java:217) at org.jbpm.pvm.internal.cmd.StartProcessInstanceInLatestCmd.execute(StartProcessInstanceInLatestCmd.java:63) at org.jbpm.pvm.internal.cmd.StartProcessInstanceInLatestCmd.execute(StartProcessInstanceInLatestCmd.java:36) at org.jbpm.pvm.internal.svc.DefaultCommandService.execute(DefaultCommandService.java:42) at org.jbpm.pvm.internal.tx.SpringCommandCallback.doInTransaction(SpringCommandCallback.java:45) at org.jbpm.pvm.internal.tx.SpringTransactionInterceptor.execute(SpringTransactionInterceptor.java:49) at org.jbpm.pvm.internal.svc.EnvironmentInterceptor.executeInNewEnvironment(EnvironmentInterceptor.java:53) at 
org.jbpm.pvm.internal.svc.EnvironmentInterceptor.execute(EnvironmentInterceptor.java:40) at org.jbpm.pvm.internal.svc.RetryInterceptor.execute(RetryInterceptor.java:56) at org.jbpm.pvm.internal.svc.ExecutionServiceImpl.startProcessInstanceByKey(ExecutionServiceImpl.java:71) at com.saviynt.ecm.services.WorkflowService.workflowaccessreqStart(WorkflowService.groovy:1086) at com.saviynt.ecm.services.WorkflowService$_createRequestFinalStep_closure294.doCall(WorkflowService.groovy:25338) at com.saviynt.ecm.services.WorkflowService.createRequestFinalStep(WorkflowService.groovy:22140) at com.saviynt.ecm.workflow.WorkflowmanagementController$_closure170.doCall(WorkflowmanagementController.groovy:11119) at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53) at com.saviynt.webservice.SaviyntRestAuthenticationFilter.doFilter(SaviyntRestAuthenticationFilter.groovy:158) at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:62) at grails.plugin.springsecurity.web.SecurityRequestHolderFilter.doFilter(SecurityRequestHolderFilter.java:59) at com.mrhaki.grails.plugin.xframeoptions.web.XFrameOptionsFilter.doFilterInternal(XFrameOptionsFilter.java:69) at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82) at java.lang.Thread.run(Thread.java:750)Caused by: javax.script.ScriptException: javax.script.ScriptException: java.lang.NullPointerException: Cannot invoke method getOwnerRank1() on null object at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:152) at javax.script.AbstractScriptEngine.eval(AbstractScriptEngine.java:264) at org.jbpm.pvm.internal.script.ScriptManager.evaluate(ScriptManager.java:123) ... 
32 moreCaused by: javax.script.ScriptException: java.lang.NullPointerException: Cannot invoke method getOwnerRank1() on null object at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:349) at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:146) ... 34 moreCaused by: java.lang.NullPointerException: Cannot invoke method getOwnerRank1() on null object at Script5.run(Script5.groovy:1) at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:346) ... 35 more"
DEBUG CheckloginFilters: grailsApplication.config.grails.plugin.springsecurity?.rest?.active:true
DEBUG allAccUserQuery = select a.accountkey as accountkey , a.endpointkey as endpointkey,a.name as name from accounts a,user_accounts ua where ua.userkey= :userkey and ua.ACCOUNTKEY=a.ACCOUNTKEY and a.status in ('1','active','Manually Provisioned')
DEBUG CheckloginFilters: grailsApplication.config.grails.plugin.springsecurity?.rest?.active:true
DEBUG Enter createRequestFinalStep:: params.canModifyDraftRequest: null and params.draftedReqeustid: null and params.draftRequestUpdated: null

NM
Honored Contributor III

@SwagatDas13 share workflow wiring ss



SwagatDas13
New Contributor III

wflow.PNG

 

Hi @NM ,

Please find the wflow ss above. Thanks

wflow.PNG

 

We are getting below error for above part :

Exception in workflow service
"org.jbpm.api.JbpmException: script evaluation error: javax.script.ScriptException: groovy.lang.MissingPropertyException: No such property: role for class: Script9 at org.jbpm.pvm.internal.script.ScriptManager.evaluate(ScriptManager.java:127) at org.jbpm.pvm.internal.script.ScriptManager.evaluate(ScriptManager.java:115) at org.jbpm.pvm.internal.script.ScriptManager.evaluateExpression(ScriptManager.java:87) at org.jbpm.pvm.internal.el.ScriptExpression.evaluateInScope(ScriptExpression.java:48) at org.jbpm.pvm.internal.el.Expression.evaluate(Expression.java:108) at org.jbpm.pvm.internal.model.ExpressionCondition.evaluate(ExpressionCondition.java:41) at org.jbpm.jpdl.internal.activity.DecisionConditionActivity.findTransitionUsingConditions(DecisionConditionActivity.java:62) at org.jbpm.jpdl.internal.activity.DecisionConditionActivity.execute(DecisionConditionActivity.java:47) at org.jbpm.jpdl.internal.activity.DecisionConditionActivity.execute(DecisionConditionActivity.java:43) at org.jbpm.pvm.internal.model.op.ExecuteActivity.perform(ExecuteActivity.java:60) at org.jbpm.pvm.internal.model.ExecutionImpl.performAtomicOperationSync(ExecutionImpl.java:672) at org.jbpm.pvm.internal.model.ExecutionImpl.performAtomicOperation(ExecutionImpl.java:632) at org.jbpm.pvm.internal.model.ExecutionImpl.start(ExecutionImpl.java:217) at org.jbpm.pvm.internal.cmd.StartProcessInstanceInLatestCmd.execute(StartProcessInstanceInLatestCmd.java:63) at org.jbpm.pvm.internal.cmd.StartProcessInstanceInLatestCmd.execute(StartProcessInstanceInLatestCmd.java:36) at org.jbpm.pvm.internal.svc.DefaultCommandService.execute(DefaultCommandService.java:42) at org.jbpm.pvm.internal.tx.SpringCommandCallback.doInTransaction(SpringCommandCallback.java:45) at org.jbpm.pvm.internal.tx.SpringTransactionInterceptor.execute(SpringTransactionInterceptor.java:49) at org.jbpm.pvm.internal.svc.EnvironmentInterceptor.executeInNewEnvironment(EnvironmentInterceptor.java:53) at 
org.jbpm.pvm.internal.svc.EnvironmentInterceptor.execute(EnvironmentInterceptor.java:40) at org.jbpm.pvm.internal.svc.RetryInterceptor.execute(RetryInterceptor.java:56) at org.jbpm.pvm.internal.svc.ExecutionServiceImpl.startProcessInstanceByKey(ExecutionServiceImpl.java:71) at com.saviynt.ecm.services.WorkflowService.workflowaccessreqStart(WorkflowService.groovy:1086) at com.saviynt.ecm.services.WorkflowService$_createRequestFinalStep_closure294.doCall(WorkflowService.groovy:25338) at com.saviynt.ecm.services.WorkflowService.createRequestFinalStep(WorkflowService.groovy:22140) at com.saviynt.ecm.workflow.WorkflowmanagementController$_closure170.doCall(WorkflowmanagementController.groovy:11119) at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53) at com.saviynt.webservice.SaviyntRestAuthenticationFilter.doFilter(SaviyntRestAuthenticationFilter.groovy:158) at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:62) at grails.plugin.springsecurity.web.SecurityRequestHolderFilter.doFilter(SecurityRequestHolderFilter.java:59) at com.mrhaki.grails.plugin.xframeoptions.web.XFrameOptionsFilter.doFilterInternal(XFrameOptionsFilter.java:69) at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82) at java.lang.Thread.run(Thread.java:750)Caused by: javax.script.ScriptException: javax.script.ScriptException: groovy.lang.MissingPropertyException: No such property: role for class: Script9 at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:152) at javax.script.AbstractScriptEngine.eval(AbstractScriptEngine.java:264) at org.jbpm.pvm.internal.script.ScriptManager.evaluate(ScriptManager.java:123) ... 
32 moreCaused by: javax.script.ScriptException: groovy.lang.MissingPropertyException: No such property: role for class: Script9 at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:349) at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:146) ... 34 moreCaused by: groovy.lang.MissingPropertyException: No such property: role for class: Script9 at Script9.run(Script9.groovy:1) at org.codehaus.groovy.jsr223.GroovyScriptEngineImpl.eval(GroovyScriptEngineImpl.java:346) ... 35 more"

 

It should be entitlement, not role.


Regards,
Rushikesh Vartak

Hi @rushikeshvartak ,

I have tried with entitlement.getOwnerRank1().size() eq 0 as well but getting below error :

ERROR Exception in workflow service
org.jbpm.api.JbpmException: script evaluation error: org.codehaus.groovy.control.MultipleCompilationErrorsException: startup failed:
Script12.groovy: 1: expecting ')', found 'eq' @ line 1, column 64.
   sskey).getOwnerRank1().size() eq 0) == t

Refer https://forums.saviynt.com/t5/community-knowledge-base/workflow-check-if-app-role-owner-is-submittin...


Regards,
Rushikesh Vartak

Thanks, tried all but it didn't work. Any other help if possible?

Share workflow export zip


Regards,
Rushikesh Vartak

Hi @rushikeshvartak ,

Attached workflow export

  • entitlement.getOwnerRank1().contains(user.username)

Regards,
Rushikesh Vartak

It is not giving error now but workflow doesn't work as per the scenarios we have.
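
The routing the thread is trying to reach (rank 1 -> rank 2, else user group -> rank 2, else rank 2 only), modelled as an added example that is not from any poster here and is not Saviynt workflow code. It assumes an in-memory SQLite database with constructed rows; role_owners, user_groups and usergroup_users follow the queries quoted above, while the roles table, the stage labels and the helper names are hypothetical.

```python
import sqlite3

# Constructed sample data. role_owners, user_groups and usergroup_users follow
# the queries quoted in the thread; the roles table is a simplified stand-in.
SCHEMA = """
CREATE TABLE roles (rolekey INTEGER PRIMARY KEY, customproperty11 TEXT);
CREATE TABLE role_owners (rolekey INTEGER, userkey INTEGER, "rank" INTEGER);
CREATE TABLE user_groups (usergroupkey INTEGER PRIMARY KEY, user_groupname TEXT);
CREATE TABLE usergroup_users (user_groupkey INTEGER, userkey INTEGER);
INSERT INTO roles VALUES (1, NULL), (2, NULL), (3, 'GRP_C'), (4, 'GRP_EMPTY'), (5, NULL);
INSERT INTO role_owners VALUES (1, 101, 1), (1, 201, 2), (2, 202, 2), (3, 203, 2), (4, 204, 2);
INSERT INTO user_groups VALUES (10, 'GRP_C'), (11, 'GRP_EMPTY');
INSERT INTO usergroup_users VALUES (10, 301), (10, 302);
"""

def build_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def owners(db, rolekey, rank):
    sql = 'SELECT userkey FROM role_owners WHERE rolekey = ? AND "rank" = ? ORDER BY userkey'
    return [r[0] for r in db.execute(sql, (rolekey, rank))]

def group_members(db, group_name):
    # Bound parameter instead of splicing the group name into the SQL text.
    sql = ("SELECT ugu.userkey FROM usergroup_users ugu JOIN user_groups ug "
           "ON ugu.user_groupkey = ug.usergroupkey "
           "WHERE ug.user_groupname = ? ORDER BY ugu.userkey")
    return [r[0] for r in db.execute(sql, (group_name,))] if group_name else []

def approval_stages(db, rolekey):
    """Return the ordered approval stages as (label, approver userkeys)."""
    role = db.execute("SELECT customproperty11 FROM roles WHERE rolekey = ?", (rolekey,)).fetchone()
    if role is None:  # resolve the object before calling anything on it
        raise LookupError(f"unknown role {rolekey}")
    rank2 = owners(db, rolekey, 2)
    if not rank2:  # assumption: an empty final stage is an error, never an auto-approval
        raise ValueError(f"role {rolekey} has no rank 2 owner")
    first, label = owners(db, rolekey, 1), "rank1"
    if not first:  # no rank 1 owner: fall back to the group named in the role's CP
        first, label = group_members(db, role[0]), "group"
    return ([(label, first)] if first else []) + [("rank2", rank2)]

if __name__ == "__main__":
    db = build_db()
    for key in (1, 2, 3, 4):
        print(key, approval_stages(db, key))
```

Role 4 points at a group with no members, so it falls through to rank 2 only; role 5 has no rank 2 owner and is rejected rather than routed to an empty stage.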