We have a policy which fetches provisioning roles for a user and processes it further. Things work fine as long as the user has 1 or many roles but when the user has no role and the policy fires, it ends in exception.
POLICYXPRESSAfter:ModifyUserEvent - Failed to evaluate policy 'Provisioning Notification: Role member disabled'. Error category 'Validation' with behavior 'Fail Event'.2017-04-27 16:02:10.0
POLICYXPRESSERROR MESSAGE: Missing parameter
How can we check for the NULL in the iterator as when the policy fires before any validation, the data elements is calculated first and there itself the exception is thrown.
The entry rule included the following conditions:
<<
(Role_Admin_Email Not equals "") AND (Disabled_State_Changed Equals "true")
AND (Disabled_State Equals "5") AND (Role_Admin_Email Contains "@") AND (UserProvisioningState Equals "Active")
AND (get_Role_List Not equals "")
>>
Each criterion is evaluated in sequence, so testing Role_Admin_Email value is the first criterion.
But this Role_Admin_Email value is taken from the Custom Field of each role into the iterator. So when the list is empty it fails on the first condition.
Understanding the cause of this issue; you must put the major test against get_Role_List ahead into the AND conditions sequence because if get_Role_List equals "" then the next test will not be done and so you will not get any exception.