and more in a single search tool across platforms. Read the announcement here. |
11/21/2023 10:26 PM
Hello Team,
We need urgent assistance for 1 of the use case and are unable to move forward :
Background :
We have integrated an App A which follows manager + user group (member) approval.
Issue :
For 1 of the issue if the requestor which is part of the user group is raising the request for himself the request is firstly going well for manager approval post that the expectation is he is the member of that user group, the request should get auto approved but the request is getting assigned to admin.
Action performed :
(com.saviynt.ecm.identitywarehouse.domain.Usergroup_users.executeQuery("select ugu.id from Usergroup_users ugu where ugu.user_groupkey in (11,10,15,9,8,12,14,13,7) AND ugu.userkey= '${requestedby?.id}'")?.size() != 0)
Above condition fails when requestor, requestee and user group member is same.
Please assist.
Solved! Go to Solution.
11/21/2023 10:41 PM
When the requestor, beneficiary and the approver is the same, the system doesn't allow the request to auto approve. It will require other members of the user group to approve it.
This is enforced in the product workflows by default on all the blocks.
11/21/2023 10:56 PM
@Rajesh-R We have the user group where only 1 person is marked as member for timebeing.
Hence, when the requestor , beneficiary and approver are the same the wf at level 1 is working well for manager approval. Post that the request is landing to admin block.
Can you please let us know if its default behaviour and what could be the best solution to handle this?
11/21/2023 11:00 PM - edited 11/21/2023 11:01 PM
In your Manager approval, your approver is requestor's manager and not the requestor himself, so it allows.
Technically, one cannot request for himself and approve his own access.
Since your User group is having only one approver, it found the escape route and couldnt find anyone to add as approver, the platform added Admin as the approver.