Saviynt Forums

kunal_saxena · ‎04/29/2024

Hi,

We have requirement to restrict an Enterprise Role such that it should only be requestable for employees, i.e., enterprise role should show up in ARS only if the beneficiary is an employee (employeetype=Employee).

We tried to implement this requirement using Global Configuration > Role Request > Request Roles Query.
Queries tried:

and UPPER(rl.customproperty1) = (select UPPER(u.employeeType) from users u where u.id={currentUser})
and UPPER(rl.customproperty1) = (select UPPER(u.employeeType) from users u where u.id={requestee})

However, they did not work. We are on NeoUI and requesting enterprise role has been shifted to Home > My Access > Request new enterprise role.
Even on selecting an employee, no enterprise role is displayed for request.

FYI - Referred to this document: https://docs.saviyntcloud.com/bundle/KBAs/page/Content/Use-case-of-Request-Roles-Query.htm

Can someone please let me know how we can achieve the above requirement?

Thanks,

Kunal

PremMahadikar · ‎04/29/2024

Hi @kunal_saxena ,

Role query here is case-insensitive
Use 'Users' and not users

Below is the correct query:

and rl.customproperty1 = (select users.employeeType from Users users where users.id={currentUser})

If you find the above response useful, Kindly Mark it as Accept As Solution and hit Kudos

Best,
Prem Mahadikar

kunal_saxena · ‎04/29/2024

Thanks @PremMahadikar . This resolved the issue.

Manu269 · ‎04/29/2024

Hello,

For similar case, we used up 1 cp of role and added the employee Type details.

Further in role request query:

and rl.customproperty10 = (select users.customproperty10 from Users users where users.id={currentUser})

Regards
Manish Kumar
If the response answered your query, please Accept As Solution and Kudos
.

Saviynt Forums

Request Roles Query - restrict role only for employees