and more in a single search tool across platforms. Read the announcement here. |
12/22/2023 03:08 AM - last edited on 12/22/2023 05:26 AM by Sunil
Hi.
I have created several run time analytics. When running them through the /ECM/analyticsConfig/runtimeanalytics on screen, they work and produces the output which is desired. They are not preventative.
This is the analytics SQL (which btw should not be needed as Saviynt should have a builtin feature for returning ALL reffective role memberships through a stored procedure! This SQL works though and based on role_user_account it will then iterate through the childroles tables regardless of the layer of parent-childs and return all the role keys if which a user is effectively member of through inheritance) :
SELECT
userkey,
username,
GROUP_CONCAT(DISTINCT combined_ids ORDER BY combined_ids SEPARATOR ', ') AS combinedrolekeys,
GROUP_CONCAT(DISTINCT rolenames ORDER BY rolenames SEPARATOR ', ') AS AllRoles
FROM (
SELECT
userkey,
username,
rolekey AS combined_ids,
CASE
WHEN 1=1 THEN role_name END AS rolenames
FROM (
SELECT
u.userkey,
u.username,
ru.rolekey,
r.roletype,
r.customproperty1,
r.customproperty2,
r.role_name
FROM users u
LEFT JOIN role_user_account ru ON u.userkey = ru.userkey
LEFT JOIN roles r ON ru.rolekey = r.rolekey
UNION
SELECT
u.userkey,
u.username,
COALESCE(childroles.childrolekey, ru.rolekey) AS rolekey,
cr_roles.roletype,
cr_roles.customproperty1,
cr_roles.customproperty2,
cr_roles.role_name
FROM
users u
LEFT JOIN role_user_account ru ON u.userkey = ru.userkey
LEFT JOIN roles r ON ru.rolekey = r.rolekey
LEFT JOIN childroles ON r.rolekey = childroles.parentrolekey
LEFT JOIN roles cr_roles ON childroles.childrolekey = cr_roles.rolekey
) t
WHERE userkey IS NOT NULL
GROUP BY userkey, combined_ids, rolenames
) t
GROUP BY userkey ORDER BY userkey
I now try to use them in multi calls on the ImportAccountEntJSON on a Saviynt4Saviynt Rest Connector.
This is the error message I recieves:
Job Name Application Data Import (Single Threaded)
Job Type full
Import Type accounts
Error Failed to import data Cannot get property 'processingType' on null object
This is the code in the ImportAccountEntJSON:
{
"type": "multiCall",
"call": [
{
"name": "call1",
"connection": "userAuth",
"url": "<url>/ECM/api/v5/FetchRuntimeControlsData",
"httpParams": "{\"analyticsid\": \"13\"}",
"httpMethod": "GET",
"httpHeaders": {
"Authorization": "${access_token}",
"Accept": "application/json"
},
"httpContentType": "application/json",
"userResponsePath": "result",
"colsToPropsMap": {
"accountID": "USERNAME~#~char",
"customproperty20": "COMBINEDROLEKEYS~#~char"
},
"pagination": {
"offset": {
"offsetParam": "offset",
"batchParam": "displaycount",
"batchSize": 50,
"totalCountPath": "completeResponseMap.total"
}
}
}
]
}
The accountID on the endpoint for the users account is the username value, so the matching is done by the USERNAME column outputtet from the analytics.
Can you see what happens and why I get that missing processing type?
There is only one call for now.
Update:
I changed the code in the ImportAccountEntJSON:
{
"accountParams": {
"connection": "userAuth",
"createUsers": false,
"processingType": "SequentialAndIterative",
"statusAndThresholdConfig": {},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://\retracted>/ECM/api/v5/FetchRuntimeControlsData",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"httpMethod": "GET"
},
"httpParams": "{\"analyticsid\": \"13\"}",
"keyField":"accountID",
"acctKeyField": "accountID",
"colsToPropsMap": {
"accountID": "USERKEY~#~char",
"name":"USERKEY~#~char",
"customproperty10": "COMBINEDROLEKEYS~#~char"
}
}
}
}
}
But it updates no accounts at all.
[This message has been edited by moderator to merge reply comment]
12/26/2023 12:00 AM
Hello @Kerasit,
Can you please re-check the json,
FetchRuntimeControlsData -> fetchRuntimeControlsData
Instead of GET, it should be POST, PFA screenshot for ref.
Thanks.
12/26/2023 10:07 AM
{
"accountParams": {
"connection": "userAuth",
"createUsers": false,
"processingType": "SequentialAndIterative",
"statusAndThresholdConfig": {},
"call": {
"call1": {
"callOrder": 0,
"stageNumber": 0,
"http": {
"url": "https://\retracted>/ECM/api/v5/fetchRuntimeControlsData",
"httpHeaders": {
"Authorization": "${access_token}"
},
"httpContentType": "application/json",
"httpMethod": "POST"
},
"httpParams": "{\"analyticsid\": \"13\"}",
"keyField":"accountID",
"acctKeyField": "accountID",
"colsToPropsMap": {
"accountID": "USERKEY~#~char",
"name":"USERKEY~#~char",
"customproperty10": "COMBINEDROLEKEYS~#~char"
}
}
}
}
}
01/05/2024 05:09 AM
Thank you. Sorry for the late reply, but Christmass, new Years Eve and a heavy snowfall has just kept me occupied.
It does not work.
I will ask for advice in a different way:
Using the Saviynt Rest Connector (which is the REST version of the sav4sav connector), I wish to update accounts on that Saviynt endpoint. I wish to update accounts based on runtime analytics (as above) both from ImportAccountEntJSON and ad-hoc on single accounts through UpdateAccountJSON. Further I would like to know if I can use Runtime analytics results in UpdateAccountJSON?
The reason is that I have some temporary values and calculated values that I only need as part of another analytics to update user objects, and I have no need for the temporary values on the actual user.
01/05/2024 08:23 AM
You can use any apis in UpdateAccountJSON
01/15/2024 03:00 AM
Okay thank you very much.
I am struggling with this code in UpdateUserJSON:
{
"actions":{
"Update Login":{
"call":[
{
"name":"createRequest",
"connection":"userAuth",
"url":"https://******/ECM/api/v5/createrequest",
"httpMethod":"POST",
"httpContentType":"application/json",
"httpHeaders":{
"Authorization":"${access_token}"
},
"httpParams":"{\"requesttype\":\"ADD\",\"username\":\"${user.username}\",\"endpoint\":\"SaviyntForSaviynt\",\"securitysystem\": \"SaviyntForSaviynt\",\"createaccountifnotexists\":\"true\",\"createnewaccounttaskifnotexist\":\"true\",\"entitlement\":[{\"entitlementtype\":\"Department\",\"entitlementvalue\":\"${user.customproperty25}\"}]}",
"successResponses":{
"statusCode":[
200,
201
]
},
"unsuccessResponses":{
"statusCode":[
400,
401,
403,
409,
500
]
}
},
{
"name":"call1",
"connection":"userAuth",
"url":"https://******/ECM/api/v5/FetchRuntimeControlsData",
"httpMethod":"POST",
"httpContentType":"application/json",
"httpParams":"{\"analyticsid\": \"18\", \"attributes\": {\"uid\": \"${user.username}\"}",
"httpHeaders":{"Authorization":"${access_token}"},
"successResponses":{
"statusCode":[200,201]
},
"unsuccessResponses":{
"statusCode":[400,401,403,409,500]
}
},
{
"name":"call2",
"connection":"userAuth",
"url":"https://******/ECM/api/v5/updateUser",
"httpMethod":"POST",
"httpContentType":"application/json",
"httpParams":"{\"username\": \"${user.username}\", \"systemusername\": \"${response.call1.message.records[0].LOGONNAME}\"}",
"httpHeaders":{"Authorization":"${access_token}"},
"successResponses":{
"statusCode":[200,201]
},
"unsuccessResponses":{
"statusCode":[400,401,403,409,500]
}
}
]
},
"Enable User":{
"call":[
{
"name":"createRequest2",
"connection":"acctAuth",
"url":"https://******/ECM/api/v5/createrequest",
"httpMethod":"POST",
"httpContentType":"application/json",
"httpParams":"{\"requesttype\":\"ADD\",\"username\":\"${user.username}\",\"endpoint\":\"SaviyntForSaviynt\",\"securitysystem\":\"SaviyntForSaviynt\",\"createnewaccounttaskifnotexist\":\"true\",\"entitlement\":[{\"entitlementtype\":\"Organization\",\"entitlementvalue\":\"${user.customproperty10}\"}]}",
"httpHeaders":{
"Authorization":"${access_token}"
},
"successResponses":{
"statusCode":[
200,
201
]
},
"unsuccessResponses":{
"statusCode":[
400,
401,
403,
409,
500
]
}
},
{
"name":"call3",
"connection":"userAuth",
"url":"https://******/ECM/api/v5/FetchRuntimeControlsData",
"httpMethod":"POST",
"httpContentType":"application/json",
"httpParams":"{\"analyticsid\": \"17\", \"attributes\": {\"username\": \"${user.username}\"}",
"httpHeaders":{"Authorization":"${access_token}"},
"successResponses":{
"statusCode":[200,201]
},
"unsuccessResponses":{
"statusCode":[400,401,403,409,500]
}
},
{
"name":"call4",
"connection":"userAuth",
"url":"https://******/ECM/api/v5/FetchRuntimeControlsData",
"httpMethod":"POST",
"httpContentType":"application/json",
"httpParams":"{\"analyticsid\": \"21\", \"attributes\": {\"username\": \"${user.username}\", \"rolekeys\": \"${response.call3.message.records[0].COMBINEDROLEKEYS}\"}",
"httpHeaders":{"Authorization":"${access_token}"},
"successResponses":{
"statusCode":[200,201]
},
"unsuccessResponses":{
"statusCode":[400,401,403,409,500]
}
},
{
"name":"call5",
"connection":"userAuth",
"url":"https://******/ECM/api/v5/updateUser",
"httpMethod":"POST",
"httpContentType":"application/json",
"httpParams":"{\"username\": \"${user.username}\", \"customproperty59\": \"${response.call4.message.records[0].CP59}\", \"customproperty60\": \"${response.call4.message.records[0].CP60}}",
"httpHeaders":{"Authorization":"${access_token}"},
"successResponses":{
"statusCode":[200,201]
},
"unsuccessResponses":{
"statusCode":[400,401,403,409,500]
}
}
]
}
}
}
The refferenced calls to the runtime analytics and trying to use the result from previous calls, is what causes me issues.
01/15/2024 05:14 PM
What is error in logs or issue, can you elaborate