This is a known issue in the following versions:
- RSA Governance & Lifecycle 7.5.2
- RSA Governance & Lifecycle 8.0
While attempting to create a change request to remove a local entitlement linked to an account that no longer exists, the change request was completed successfully but the local entitlement did not get removed as per the below screenshot.
Similarly, while Attempting to Revoke same local entitlement linked to an account that no longer exists via user access review, you may receive the below error message on the UI.
And the below error in aveksaServer.log file,
04/08/2024 12:08:28.502 ERROR (SaveReviewChangesThread27-0) [com.aveksa.gui.pages.review.review.newEdit.SaveReviewChangesThread] Failed to signoff review components
com.aveksa.server.review.ReviewServiceException: Failed to create the change request
at com.aveksa.server.review.cr.processors.BaseReviewCRProcessor.createChangeRequest(BaseReviewCRProcessor.java:334)
at com.aveksa.server.review.cr.processors.BaseReviewCRProcessor.createChangeRequestForGivenRevComponents(BaseReviewCRProcessor.java:228)
at com.aveksa.server.review.cr.processors.BaseReviewCRProcessor.createCRForGivenRevCompsWOPostingEvents(BaseReviewCRProcessor.java:141)
at com.aveksa.server.review.Review.generateCRForReviewComponents(Review.java:2033)
at com.aveksa.server.review.Review.signOffrevComponents(Review.java:1665)
at com.aveksa.server.review.Review.signOffInProcessRevComponents(Review.java:1306)
at com.aveksa.server.review.Review.signOffInProcessRevComponents(Review.java:1269)
at com.aveksa.server.review.Review.signOffInProcessRevComponents(Review.java:1213)
at com.aveksa.gui.objects.review.GuiReviewBase.signOffRevComponents(GuiReviewBase.java:332)
at com.aveksa.gui.pages.review.review.newEdit.SaveReviewChangesThread.run(SaveReviewChangesThread.java:287)
Caused by: com.aveksa.server.core.AdminServiceException: java.lang.NullPointerException
at com.aveksa.server.core.cr.ChangeRequestCreationHandler.createChangeRequest(ChangeRequestCreationHandler.java:327)
at com.aveksa.server.core.cr.ChangeRequestCreationHandler.createChangeRequests(ChangeRequestCreationHandler.java:223)
at com.aveksa.server.core.cr.ChangeRequestCreationHandler.createChangeRequests(ChangeRequestCreationHandler.java:107)
at com.aveksa.server.core.cr.ChangeRequestServiceProvider.createChangeRequest(ChangeRequestServiceProvider.java:146)
at com.aveksa.server.review.cr.processors.BaseReviewCRProcessor.createChangeRequest(BaseReviewCRProcessor.java:331)
... 9 more
Caused by: java.lang.NullPointerException
at com.aveksa.server.core.cr.UserToAccountBasedCriTranslator.convertToAccountBasedChangeItems(UserToAccountBasedCriTranslator.java:556)
at com.aveksa.server.core.cr.ChangeRequestCreationHandler.createChangeRequest(ChangeRequestCreationHandler.java:292)
... 13 more
Existing behavior of Local Entitlement to Account relationship does not work the same way as Collected Entitlements.
In case of configuring "Entitlements require account" to yes, an Entitlement cannot exist without an Account but in case of Local Entitlements they do exist without an Account, Local Entitlement gets fulfilled and completed irrespective of whether the Account is in Pending/Completed state.
This behavior of Local Entitlements is causing issues while removing the Entitlement that does not have a corresponding Account.
Changes were implemented and the behavior has been changed in the following versions.
- RSA Governance & Lifecycle 8.0.0 P04
When a Local Entitlement creation CR is created along with an Account creation item, the Entitlement gets fulfilled and completed irrespective of whether the Account is in Pending/Completed state.
The fix introduces similar behavior implemented for Local Entitlement removal as the Entitlement exists independently.
Local Entitlement creation / deletion is not dependent on the account anymore, account could have been deleted prior.
