We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

Update User Form Query Error

AshishDas
Regular Contributor II
Regular Contributor II

Hi,

We have a requirement where HR users can update users belonging only to their company via Update User Form under User Management.

Hence, we have created a SAV ROLE For HRs to replicate the same.

However, in the list of users to update, the HR user can see their ID also. Their ID should not be updated by them. How do we make sure that the HR who is updating the users does not see their ID in the list.

We have written a query which only shows active users belonging to the company of HR. But the HR is also present in that list to be updated. Seems the query is working partially.

AshishDas_1-1677847586487.png

 

Query : select a from Users a where a.companyname = '${users.companyname}' AND a.statuskey = 1 AND a.username != '${users.username}'

 

Do you see any issue here?

 

 

3 REPLIES 3

Darshanjain
Saviynt Employee
Saviynt Employee

Hi @AshishDas 

If you see the advance option it clearly says, request for self and advance filter condition what you provide, So for the logged in user , he will always be able to request for himself and then based on your conditions.

Request for self is OOTB feature and restrict that you can use cannot request option which will disable it from requesting others as well.

Right now i don't think of any other way to achieve the logged in user to not to request, But see if you can check that in workflow and auto reject it.

AshishDas
Regular Contributor II
Regular Contributor II

Hi Darshan,

Makes sense. The requirement is that the HR should be able to update users who are created via create user form.

Since the HR's data come from Oracle, we would not want to give the HR's the option to update themselves. Is there a way to achieve that?

Hi @AshishDas 

Directly from the UI, there is no way. How ever in the Dynamic attribute you can configure in a way such that the employee type field should be fetched via DA and once that is fetched based on the requestee user the other fields should be displayed , don't show any attributes which needs to be updated and other employee type you should be able to see all attributes . ( you can use Action string column to hide and show in creating dynamic attribute ).

https://docs.saviyntcloud.com/bundle/EIC-User-v2020x/page/Content/04-mang-usr/ars-upd-usr.htm