Saviynt Forums

Kerasit · ‎12/22/2023

Hi.

I have created several run time analytics. When running them through the /ECM/analyticsConfig/runtimeanalytics on screen, they work and produces the output which is desired. They are not preventative.

This is the analytics SQL (which btw should not be needed as Saviynt should have a builtin feature for returning ALL reffective role memberships through a stored procedure! This SQL works though and based on role_user_account it will then iterate through the childroles tables regardless of the layer of parent-childs and return all the role keys if which a user is effectively member of through inheritance) :

SELECT 
	userkey, 
	username, 
	GROUP_CONCAT(DISTINCT combined_ids ORDER BY combined_ids SEPARATOR ', ') AS combinedrolekeys, 
	GROUP_CONCAT(DISTINCT rolenames ORDER BY rolenames SEPARATOR ', ') AS AllRoles
	FROM ( 
		SELECT 
			userkey, 
			username, 
			rolekey AS combined_ids, 
			CASE 
				WHEN 1=1 THEN role_name END AS rolenames 
		FROM ( 
			SELECT 
				u.userkey, 
				u.username, 
				ru.rolekey, 
				r.roletype, 
				r.customproperty1, 
				r.customproperty2, 
				r.role_name 
			FROM users u 
			LEFT JOIN role_user_account ru ON u.userkey = ru.userkey 
			LEFT JOIN roles r ON ru.rolekey = r.rolekey 
			UNION 
			SELECT 
				u.userkey, 
				u.username, 
				COALESCE(childroles.childrolekey, ru.rolekey) AS rolekey, 
				cr_roles.roletype, 
				cr_roles.customproperty1, 
				cr_roles.customproperty2, 
				cr_roles.role_name 
			FROM 
				users u 
			LEFT JOIN role_user_account ru ON u.userkey = ru.userkey 
			LEFT JOIN roles r ON ru.rolekey = r.rolekey 
			LEFT JOIN childroles ON r.rolekey = childroles.parentrolekey 
			LEFT JOIN roles cr_roles ON childroles.childrolekey = cr_roles.rolekey 
		) t 
	WHERE userkey IS NOT NULL 
	GROUP BY userkey, combined_ids, rolenames 
	) t 
GROUP BY userkey ORDER BY userkey

I now try to use them in multi calls on the ImportAccountEntJSON on a Saviynt4Saviynt Rest Connector.

This is the error message I recieves:

Job Name	Application Data Import (Single Threaded)
Job Type	full
Import Type	accounts
Error Failed to import data	Cannot get property 'processingType' on null object

This is the code in the ImportAccountEntJSON:

{
	"type": "multiCall",
	"call": [
		{
			"name": "call1",
			"connection": "userAuth",
			"url": "<url>/ECM/api/v5/FetchRuntimeControlsData",
			"httpParams": "{\"analyticsid\": \"13\"}",
			"httpMethod": "GET",
			"httpHeaders": {
				"Authorization": "${access_token}",
				"Accept": "application/json"
			},
			"httpContentType": "application/json",
			"userResponsePath": "result",
			"colsToPropsMap": {
				"accountID": "USERNAME~#~char",
				"customproperty20": "COMBINEDROLEKEYS~#~char"
			},
			"pagination": {
				"offset": {
					"offsetParam": "offset",
					"batchParam": "displaycount",
					"batchSize": 50,
					"totalCountPath": "completeResponseMap.total"
				}
			}
		}
	]
}

The accountID on the endpoint for the users account is the username value, so the matching is done by the USERNAME column outputtet from the analytics.

Can you see what happens and why I get that missing processing type?

There is only one call for now.

Update:

I changed the code in the ImportAccountEntJSON:

{
  "accountParams": {
    "connection": "userAuth",
    "createUsers": false,
    "processingType": "SequentialAndIterative",
    "statusAndThresholdConfig": {},
    "call": {
      "call1": {
        "callOrder": 0,
        "stageNumber": 0,
        "http": {
          "url": "https://\retracted>/ECM/api/v5/FetchRuntimeControlsData",
          "httpHeaders": {
            "Authorization": "${access_token}"
          },
          "httpContentType": "application/json",
          "httpMethod": "GET"
        },
		"httpParams": "{\"analyticsid\": \"13\"}",
"keyField":"accountID",
        "acctKeyField": "accountID",
        "colsToPropsMap": {
          "accountID": "USERKEY~#~char",
"name":"USERKEY~#~char",
          "customproperty10": "COMBINEDROLEKEYS~#~char"
        }
      }
    }
  }
}

But it updates no accounts at all.

[This message has been edited by moderator to merge reply comment]

sudeshjaiswal · ‎12/26/2023

Hello @Kerasit,

Can you please re-check the json,
FetchRuntimeControlsData -> fetchRuntimeControlsData
Instead of GET, it should be POST, PFA screenshot for ref.

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

rushikeshvartak · ‎12/26/2023

{
  "accountParams": {
    "connection": "userAuth",
    "createUsers": false,
    "processingType": "SequentialAndIterative",
    "statusAndThresholdConfig": {},
    "call": {
      "call1": {
        "callOrder": 0,
        "stageNumber": 0,
        "http": {
          "url": "https://\retracted>/ECM/api/v5/fetchRuntimeControlsData",
          "httpHeaders": {
            "Authorization": "${access_token}"
          },
          "httpContentType": "application/json",
          "httpMethod": "POST"
        },
		"httpParams": "{\"analyticsid\": \"13\"}",
"keyField":"accountID",
        "acctKeyField": "accountID",
        "colsToPropsMap": {
          "accountID": "USERKEY~#~char",
"name":"USERKEY~#~char",
          "customproperty10": "COMBINEDROLEKEYS~#~char"
        }
      }
    }
  }
}

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Kerasit · ‎01/05/2024

Thank you. Sorry for the late reply, but Christmass, new Years Eve and a heavy snowfall has just kept me occupied.

It does not work.

I will ask for advice in a different way:

Using the Saviynt Rest Connector (which is the REST version of the sav4sav connector), I wish to update accounts on that Saviynt endpoint. I wish to update accounts based on runtime analytics (as above) both from ImportAccountEntJSON and ad-hoc on single accounts through UpdateAccountJSON. Further I would like to know if I can use Runtime analytics results in UpdateAccountJSON?

The reason is that I have some temporary values and calculated values that I only need as part of another analytics to update user objects, and I have no need for the temporary values on the actual user.

rushikeshvartak · ‎01/05/2024

You can use any apis in UpdateAccountJSON

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Kerasit · ‎01/15/2024

Okay thank you very much.

I am struggling with this code in UpdateUserJSON:

{
   "actions":{
      "Update Login":{
         "call":[
			{
               "name":"createRequest",
               "connection":"userAuth",
               "url":"https://******/ECM/api/v5/createrequest",
               "httpMethod":"POST",
               "httpContentType":"application/json",
               "httpHeaders":{
                  "Authorization":"${access_token}"
               },
               "httpParams":"{\"requesttype\":\"ADD\",\"username\":\"${user.username}\",\"endpoint\":\"SaviyntForSaviynt\",\"securitysystem\": \"SaviyntForSaviynt\",\"createaccountifnotexists\":\"true\",\"createnewaccounttaskifnotexist\":\"true\",\"entitlement\":[{\"entitlementtype\":\"Department\",\"entitlementvalue\":\"${user.customproperty25}\"}]}",
               "successResponses":{
                  "statusCode":[
                     200,
                     201
                  ]
               },
               "unsuccessResponses":{
                  "statusCode":[
                     400,
                     401,
                     403,
                     409,
                     500
                  ]
               }
            },
            {
               "name":"call1",
				"connection":"userAuth",
				"url":"https://******/ECM/api/v5/FetchRuntimeControlsData",
				"httpMethod":"POST",
				"httpContentType":"application/json",
				"httpParams":"{\"analyticsid\": \"18\", \"attributes\": {\"uid\": \"${user.username}\"}",
				"httpHeaders":{"Authorization":"${access_token}"},
				"successResponses":{
					"statusCode":[200,201]
				},
				"unsuccessResponses":{
					"statusCode":[400,401,403,409,500]
				
				}
			},
			{
               "name":"call2",
				"connection":"userAuth",
				"url":"https://******/ECM/api/v5/updateUser",
				"httpMethod":"POST",
				"httpContentType":"application/json",
				"httpParams":"{\"username\": \"${user.username}\", \"systemusername\": \"${response.call1.message.records[0].LOGONNAME}\"}",
				"httpHeaders":{"Authorization":"${access_token}"},
				"successResponses":{
					"statusCode":[200,201]
				},
				"unsuccessResponses":{
					"statusCode":[400,401,403,409,500]
				
				}
			}
         ]
      },
      "Enable User":{
         "call":[
			{
               "name":"createRequest2",
               "connection":"acctAuth",
               "url":"https://******/ECM/api/v5/createrequest",
               "httpMethod":"POST",
               "httpContentType":"application/json",
               "httpParams":"{\"requesttype\":\"ADD\",\"username\":\"${user.username}\",\"endpoint\":\"SaviyntForSaviynt\",\"securitysystem\":\"SaviyntForSaviynt\",\"createnewaccounttaskifnotexist\":\"true\",\"entitlement\":[{\"entitlementtype\":\"Organization\",\"entitlementvalue\":\"${user.customproperty10}\"}]}",
               "httpHeaders":{
                  "Authorization":"${access_token}"
               },
               "successResponses":{
                  "statusCode":[
                     200,
                     201
                  ]
               },
               "unsuccessResponses":{
                  "statusCode":[
                     400,
                     401,
                     403,
                     409,
                     500
                  ]
               }
            },
            {
               "name":"call3",
				"connection":"userAuth",
				"url":"https://******/ECM/api/v5/FetchRuntimeControlsData",
				"httpMethod":"POST",
				"httpContentType":"application/json",
				"httpParams":"{\"analyticsid\": \"17\", \"attributes\": {\"username\": \"${user.username}\"}",
				"httpHeaders":{"Authorization":"${access_token}"},
				"successResponses":{
					"statusCode":[200,201]
				},
				"unsuccessResponses":{
					"statusCode":[400,401,403,409,500]
				
				}
			},
			{
               "name":"call4",
				"connection":"userAuth",
				"url":"https://******/ECM/api/v5/FetchRuntimeControlsData",
				"httpMethod":"POST",
				"httpContentType":"application/json",
				"httpParams":"{\"analyticsid\": \"21\", \"attributes\": {\"username\": \"${user.username}\", \"rolekeys\": \"${response.call3.message.records[0].COMBINEDROLEKEYS}\"}",
				"httpHeaders":{"Authorization":"${access_token}"},
				"successResponses":{
					"statusCode":[200,201]
				},
				"unsuccessResponses":{
					"statusCode":[400,401,403,409,500]
				
				}
			},
			{
               "name":"call5",
				"connection":"userAuth",
				"url":"https://******/ECM/api/v5/updateUser",
				"httpMethod":"POST",
				"httpContentType":"application/json",
				"httpParams":"{\"username\": \"${user.username}\", \"customproperty59\": \"${response.call4.message.records[0].CP59}\", \"customproperty60\": \"${response.call4.message.records[0].CP60}}",
				"httpHeaders":{"Authorization":"${access_token}"},
				"successResponses":{
					"statusCode":[200,201]
				},
				"unsuccessResponses":{
					"statusCode":[400,401,403,409,500]
				
				}
			}
         ]
      }
   }
}

The refferenced calls to the runtime analytics and trying to use the result from previous calls, is what causes me issues.

rushikeshvartak · ‎01/15/2024

What is error in logs or issue, can you elaborate

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Saviynt Forums

Using runtime analytics API from ImportAccountEntJSON