Saviynt Forums

Murmur · ‎04/04/2024

Hi everyone,

I'm trying to create a SAV Role, that allows users to send Update User Requests for a specific set of Users.

To be exact, they should fith the following HQL Query:

select a from Users a where a.customproperty1 = 'Saviynt' and (a.owner = '${users.username}' OR a.createdby = '${users.username}')

Unfortunately, every time I try top enter this i receive the following message:

Most of the query works, but I'm not able to use createdby, no matter, if I try to compare it with a static value or a variable, as depicted above.

Any idea how to achieve this?

Cheers 🙂

Raghu · ‎04/04/2024

try like below

select a from Users a where a.customproperty1 = 'Saviynt' and (a.owner = '${users.id}' OR a.createdby = '${users.id}')

or

[{"for": "UpdateUserRequest","query":"select a from Users a where a.customproperty1 IN ('Saviynt') and (a.owner = '${users.id}' OR a.createdby = '${users.id}')"}]

ref: https://forums.saviynt.com/t5/identity-governance/whom-to-request-from-advance-query-sav-role/m-p/83...

Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.

Murmur · ‎04/04/2024

Hi @Raghu

The issue is not that it isn't working, but I can not even enter it, with the above error message, because of the highlighted part:

select a from Users a where a.customproperty1 = 'Saviynt' and (a.owner = '${users.username}' OR a.createdby = '${users.username}')

Besides that, the approach using the attribute ID will not work, as a.owner, as well as a.createdby are populated with the username, not the userid.

I tested it though (using JSON insted of HQL) and were not able to retrieve any records in Update User Request.

Cheers 🙂

rushikeshvartak · ‎04/04/2024

Please share logs once you click on tile.

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Murmur · ‎04/04/2024

"2024-04-05T06:20:06.679+00:00","ecm","","null-txclz","","2024-04-05T06:20:06.163406082Z stdout F org.springframework.orm.hibernate3.HibernateQueryException: could not resolve property: createdby of: com.saviynt.ecm.identitywarehouse.domain.Users [select a from com.saviynt.ecm.identitywarehouse.domain.Users a where a.customproperty1 = 'Saviynt' and (a.owner = 'me@mylab.de' OR a.createdby = 'me@mylab.de')]; nested exception is org.hibernate.QueryException: could not resolve property: createdby of: com.saviynt.ecm.identitywarehouse.domain.Users [select a from com.saviynt.ecm.identitywarehouse.domain.Users a where a.customproperty1 = 'Saviynt' and (a.owner = 'me@mylab.de' OR a.createdby = 'me@mylab.de')]"

Do you guys know any way around this? Or if there is an overview what is supported by com.saviynt.ecm.identitywarehouse.domain.Users?

Raghu · ‎04/05/2024

can you check instead of hql use json and try it

[{"for": "UpdateUserRequest","query":"select a from Users a where a.customproperty1 IN ('Saviynt') and (a.owner = '${users.id}' OR a.createdby = '${users.id}')"}]

Thanks,
Raghu
If this reply answered your question, Please Accept As Solution and hit Kudos.

Murmur · ‎04/05/2024

Hi @Raghu

Same as above, it does not return any results, even though there should be several fitting ones.

Manu269 · ‎04/05/2024

@Murmur My assumptions is createdby attribute is not exposed here.

Anyways lets see if any other member has further opinion.

Regards
Manish Kumar
If the response answered your query, please Accept As Solution and Kudos
.

rushikeshvartak · ‎04/10/2024

use createdBy B is capital

select a from Users a where a.customproperty1 = 'Saviynt' and (a.owner = '${users.username}' OR a.createdBy = '${users.username}')

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Murmur · ‎04/11/2024

Thanks @rushikeshvartak!

I was pretty confident that I tested that already.

Saviynt Forums

SAV Role - Whom to Request - How to use CREATEDBY in Advanced Filter