[midPoint] Skip approvelSchema when importing objects

Nico Pätzelt-Schäkel paetni1 at gmail.com
Mon Nov 28 15:36:53 CET 2016 

Hello,

i am working on workflows and have a problem. My hook is assigning roles to
users which get imported to the system. My metarole has an inducment with
an approval schema like below. When i import a new user from a ressource
everything seems OK. The approval schema gets approved automatically
because a superuser requested the import and then a task is created
automatically by the hook to assign the correct roles. This tasks fails
with an error "An exception occurred within model operation, in task
Task(id:1480338905821-0-1, name:Approving and executing creation of
<username>"...
Object of type 'UserType' with oid '57776a53-8ff2-4715-acb8-a2f89da7dc28'
was not found.
Is it possible to disable the approval schema for importing users? Or
disableing the approval process for all things done by the hook? Without
the approval schema in the metarole the hook works well.

<inducement>
         <focusMappings>
             <mapping>
                 <strength>strong</strength>
                 <expression>
                     <value>
                         <name>Approval Schema</name>
                         <description>Alle Anfragen müssen vom Admin
genehmigt werden</description>
                                <level>
                                        <name>IDM ADMIN</name>

                                        <approverRef
oid="00000000-0000-0000-0000-000000000002" type="c:UserType">
                                            <description>superuser</descr
iption>
                                        </approverRef>
                                        <automaticallyApproved>
                                        <description>If the user has
Superuser assignment, this role is automatically approved for
him.</description>

                                            <script>
                                                <code>
                                                    import
com.evolveum.midpoint.prism.*;
                                                    import
com.evolveum.midpoint.prism.path.*;
                                                    import
com.evolveum.midpoint.xml.ns._public.common.common_3.*;

 midpoint.isDirectlyAssigned(requester, midpoint.searchObjectByName(RoleType,
"Superuser"))
                                                </code>
                                            </script>
                                        </automaticallyApproved>
                                </level>
                     </value>
                 </expression>
                 <target>
                    <path>approvalSchema</path>
                 </target>
             </mapping>
         </focusMappings>
</inducement>

Nico
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20161128/666e8698/attachment.htm>

More information about the midPoint mailing list