Saviynt Forums

sandeepgudipudi · ‎06/26/2024

Hi, I have a requirement to validate the usecase in workflow for approval/auto approval

step 1: the request should go for manager approval

step 2: workflow should check for

1.employetype=employee and

2.user departmentName matches with any one of the departmentname (CORE TECH SECURITY DEV US,AWAN ENGR US,MIST ENGINEERING US) and

3.user custom attribute has( Core Tech,Awan)

OR [ Above all 3 or below 1 condition should satisfy]

4. user belong to endpoint AD and has access to entitlements 'cn=java,XXX' or 'cn=python,XXX' group.

if above condition doesnot satisfy request should go to 2nd level approval else it should auto provision

dgandhi · ‎06/26/2024

use if-else block, below link for example:

https://docs.saviyntcloud.com/bundle/EIC-Admin-v24x/page/Content/Chapter12-Workflows/Workflow-Compon...

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

rushikeshvartak · ‎06/26/2024

Refer below workflow.

((dynamicAttributes.get('isADACCESS') ne null)
and
(dynamicAttributes.get('isADACCESS') eq 'Yes'))

For Requirement

user belong to endpoint AD and has access to entitlements 'cn=java,XXX' or 'cn=python,XXX' group.

Create dynamic attribute on request form /visible or hidden and based on it route workflow

user.employeetype eq 'employee' and ( user.departmentname eq 'CORE TECH SECURITY DEV US' OR user.departmentname eq 'AWAN ENGR US' OR user.departmentname eq 'MIST ENGINEERING US' ) and ( user.customproperty1 eq 'Core Tech' or user.customproperty1 eq 'Awan' )

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sandeepgudipudi · ‎06/27/2024

Can you please help with query for dynamic attribute for below

For Requirement

user belong to endpoint AD and has access to entitlements 'cn=java,XXX' or 'cn=python,XXX' group.

Create dynamic attribute on request form /visible or hidden and based on it route workflow

rushikeshvartak · ‎06/27/2024

select u.username,case when u.userkey='${requestee}' then 'Yes' else 'No' end as id from accounts a, endpoints e ,account_entitlements1 ae , entitlement_values ev ,user_accounts ua,users u where a.endpointkey=e.endpointkey and ae.entitlement_valuekey =ev.entitlement_valuekey and ae.accountkey=a.accountkey and ua.accountkey=a.accountkey and ua.userkey=u.userkey and e.endpointname='Saviynt' and ev.entitlement_value IN ('ROLE_ADMIN' ) and u.userkey='${requestee}'

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sandeepgudipudi · ‎07/01/2024

Hi

In if else condition iam tying with the below query it and 2nd check is not working

working with only - user.employeeType.equalsIgnoreCase("Employee")

Not working if 2nd condition is defined - user.employeeType.equalsIgnoreCase("Employee") and user.departmentName.equalsIgnoreCase("IT SECURITY-1000")

rushikeshvartak · ‎07/01/2024

user.employeeType.equalsIgnoreCase("Employee") AND user.departmentName.equalsIgnoreCase("IT SECURITY-1000")

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sandeepgudipudi · ‎07/01/2024

tried that but second condition is not working

rushikeshvartak · ‎07/01/2024

Provide workflow screenshot and logs

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sandeepgudipudi · ‎07/01/2024

Workflow Name: JNPRSCMWF-1

Request ID: 2114613

rushikeshvartak · ‎07/01/2024

Nothing in logs related to 2114613 if any please point to line number

Screenshot is blur please provide better screenshot please

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sandeepgudipudi · ‎07/01/2024

Logs doesnot show any thing, once manager approves the request it is still showing as pending for manager approval

rushikeshvartak · ‎07/01/2024

Use proper parathesis (brackets) for condition 1

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sandeepgudipudi · ‎07/01/2024

Yes iam using the same

user.employeeType.equalsIgnoreCase("Employee") AND user.departmentName.equalsIgnoreCase("IT SECURITY-1000") AND user.customproperty18.equalsIgnorecase("IT Security AND Compliance")

rushikeshvartak · ‎07/01/2024

(user.employeeType.equalsIgnoreCase("Employee") and user.departmentname.equalsIgnoreCase("IT SECURITY-1000") and user.customproperty18.equalsIgnorecase("IT Security AND Compliance"))

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sandeepgudipudi · ‎07/01/2024

it did not work

rushikeshvartak · ‎07/01/2024

Just keep user.departmentname.equalsIgnoreCase("IT SECURITY-1000") and validate flow

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sandeepgudipudi · ‎07/01/2024

yes i tested that too only working condition is user.employeeType.equalsIgnoreCase("Employee").

If i define dynamic attribute as dynamicAttributes.get('departmentName') eq 'IT SECURITY-1000') it is working, when both the conditions are merged it is not working

(user.employeeType.equalsIgnoreCase("Employee") AND dynamicAttributes.get('departmentName')) eq 'IT SECURITY-1000')

rushikeshvartak · ‎07/01/2024

It seems departmentname is not exposed.

You can create hidden dynamic attribute and use in workflow and enable below config

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sandeepgudipudi · ‎07/02/2024

with my use case can you help with screenshots for creating hidden dynamic attribute

rushikeshvartak · ‎07/02/2024

You have already created dynamic attribute make it hidden

select departmentname as id from users where userkey =${requestee}

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sandeepgudipudi · ‎07/02/2024

Hidden DA option is also not working

(user.employeeType.equalsIgnoreCase("Employee") AND dynamicAttributes.get('departmentName') eq 'IT SECURITY-1000') AND dynamicAttributes.get('customproperty18') eq 'IT Security AND Compliance'))

rushikeshvartak · ‎07/02/2024

What is your DA Name. Please share screenshot from request_access_attrs table

Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

sandeepgudipudi · ‎07/01/2024

i tried the following too but did not work

(user.employeeType.equalsIgnoreCase("Employee") AND user.departmentName.equalsIgnoreCase("IT SECURITY-1000") AND user.customproperty18.equalsIgnorecase("IT Security AND Compliance"))

Saviynt Forums

workflow for validation