Solved: Re: Approvals bypassed

TeriStevenson · ‎Apr 16, 2020

I have a strange anomaly with 2 requests submitted yesterday for the same user. The user submitted 2 separate requests for the same general catalog item that has 7 levels of approval. The request logs show an insert to approval process for all the levels and then show the approval email going out to the first level approvers (pool within group). I verified the emails were sent however, both requests only show the 4th level approver. The approval process for those those request id's only show that he is in the approval. I can't find any other logs that show why the first 3 levels were completely bypassed and in looking at the catalog item there are no exclusion conditions on the approval tab.

Any ideas on what might have happened that can explain this behavior on the two items? I am going to impersonate the user and see if the same occurs but am trying to shed some light on this. I submitted a request today and all approval level are there. In comparing the logs they are the same (except in the anomaly the level 4 approver rejected the request).

I somehow always seem to find the strange unexplainable behaviors 🙂

CharlesW · ‎Apr 27, 2020

There are a couple of items you might look at for some degree of audit..

1. You should see a note added to the request when the approval process is modified..

2. An entry should be written to Approval_Modification.log

The request log is also updated, but it basically is just a long entry stating that a new note has been added.. If you don't see either a note, or an update in Approval_Modification.log, then I'd have to say that something just went wrong, and the approval was not modified by somebody.

View solution in original post

CharlesW · ‎Apr 17, 2020

You mentioned that you were going to impersonate the user.. Let me know what happens with this.. Also, I might suggest that you open the catalog item, and go to the approval process tab. under this tab, you will see a simulate tab.. Enter the user name here, and let me know if the simulate returns the expected results.. Finally, not sure what the first three levels of workflow look like, but be sure that the user in question is not part of the approval process at these levels. If they were, the approval level would be skipped.

TeriStevenson · ‎Apr 17, 2020

The simulation shows all approval levels and impersonating the user today - both requests stopped at level 1. The users isn't in any of the levels that were bypassed. I am curious if the approvers at level 1 deleted the approvals up to level 4 but I thought that would show in the Notes that the approval process was modified. Is there an audit trail table for approvals that might show if they somehow deleted the levels?

CharlesW · ‎Apr 27, 2020

There are a couple of items you might look at for some degree of audit..

1. You should see a note added to the request when the approval process is modified..

2. An entry should be written to Approval_Modification.log

The request log is also updated, but it basically is just a long entry stating that a new note has been added.. If you don't see either a note, or an update in Approval_Modification.log, then I'd have to say that something just went wrong, and the approval was not modified by somebody.

TeriStevenson · ‎Apr 27, 2020

Thanks Charles - I think something just went wrong that day - could be all the users vpn'ing in and maybe lost connection but hasn't occurred since and logs look good. Have a great day!