Scenarios :
- Application Name: App1
- Requestable Entitlements :
- E1: Risk rating medium
- E2: Risk rating high
- E3: Risk rating critical
- Approval Process Risk-based where
- Medium risk-rated entitlements: Level 1 approval only
- High risk-rated entitlements: Level 1, and Level 2 approvals
- Critical risk-rated entitlements: Level 1, Level 2, and Level3 approvals
- User U1 request for App1 with all entitlements in the request (E, E2, and E3)
Level 1 Approver: Approves E1, E2, and E3
The request goes to Level 2 Approver
<< System should not create a task for E1 entitlement as E2 and E3 approval are still in progress >>
Level 2 Approver: Approves E2 and E3
The request goes to Level 3 Approver
<< System should not create a task for E2 entitlement as E3 approval is still in progress >>
Level 3 Approver: Approves E3
<< System should create a task for E1, E2, and E3 entitlement along with account task >>
Solution
Saviynt provides a solution that holds the entire tasks creation process during workflow approval until all approval completes.
Method Name: "All Approvals Complete Check"
This solution won’t support via standard Workflow editor UI version. Hence we need to make the required changes within workflow XML and reimport it into the system.
Solution Details :
Step1: Download the targetted workflow through Saviynt provided “Transport Service” and opens workflow XML file in notepad++ editor. Don’t make any changes in the Saviynt Workflow editor XML as you may lose the entire UI object flow as it saves into XML
Step2: Look for the to = “grantaccess” in your workflow and replace it with “All Approvals Complete Check”
e.g.
After Level 1 approval,
Before Change :
<transition name="Approved By Level1" to="grantaccess"/>
After change :
<transition name="Approved By Level1" to="All Approvals Complete Check"/>
Repeat the above steps for all level of approvals such as level2 and level3 wherever you send the request to = “grantaccess”.
Step3: Add the below code snippet within “grantacccess” and also check for the method in
“com.saviynt.workflowmgt.grantaccess”, it needs to change from createAccess to createAccessForApproved
<java class="com.saviynt.workflowmgt.grantaccess"
method="createAccessForApproved" name="grantaccess">
<arg>
<object expr="#{requestaccesskey}"/>
</arg>
<transition to="End Request"/>
</java>
<java class="com.saviynt.workflowmgt.rejectaccess"
method="denyAccess" name="rejectaccess">
<arg>
<object expr="#{requestaccesskey}"/>
</arg>
<transition to="End Request"/>
</java>
<join multiplicity="#{quorum}" name="All Approvals Complete Check">
<transition to="grantaccess"/>
</join>
<java class="com.saviynt.workflowmgt.endrequest"
method="arsendrequest" name="End Request">
<arg>
<object expr="#{reqid}"/>
</arg>
<transition to="endRequest"/>
</java>
<end name="endRequest"/>
Step4: Before loading the changed XML workflow into the Saviynt system, update the following entries in ‘workflowhistory’ table.
- Set the status of this workflow in workflowhistory = 3.
- Update the xmldata col with this workflow.
- update ‘workflowhistory’ set WFLOADED=0 where WORKFLOWKEY = ;
- Saviynt UI approves the workload So that it is approved and loaded successfully
Note: You can use the above case for the below requirement as well
In Parallel workflow, if you want to delay task creation till all the items in the request is completed, For example – in SNOW applications, the ticket gets created as per the tasks in service now target application. However, if there are multiple tasks in a single request and the customer does not want multiple tickets for each task in a single request and requirement is One ticket should get created for one request.
Note - once the workflow is changed to xml view it can not be changed back to pictorial view with drag and drop options.
