[midPoint] Skip approvelSchema when importing objects

Pavol Mederly mederly at evolveum.com
Tue Nov 29 19:52:00 CET 2016 

Hello Nico,

it should be possible to automatically approve the changes based on the 
current channel. The channel could be determined by calling

midpoint.getCurrentTask().getChannel()

Please try to determine which value there is during the import and 
during the standard GUI operation. They should be different.

Hope this helps.

Pavol Mederly
Software developer
evolveum.com

On 28.11.2016 15:36, Nico Pätzelt-Schäkel wrote:
> Hello,
>
> i am working on workflows and have a problem. My hook is assigning 
> roles to users which get imported to the system. My metarole has an 
> inducment with an approval schema like below. When i import a new user 
> from a ressource everything seems OK. The approval schema gets 
> approved automatically because a superuser requested the import and 
> then a task is created automatically by the hook to assign the correct 
> roles. This tasks fails with an error "An exception occurred within 
> model operation, in task Task(id:1480338905821-0-1, name:Approving and 
> executing creation of <username>"...
> Object of type 'UserType' with oid 
> '57776a53-8ff2-4715-acb8-a2f89da7dc28' was not found.
> Is it possible to disable the approval schema for importing users? Or 
> disableing the approval process for all things done by the hook? 
> Without the approval schema in the metarole the hook works well.
>
> <inducement>
>          <focusMappings>
>              <mapping>
>                  <strength>strong</strength>
>                  <expression>
>                      <value>
>                          <name>Approval Schema</name>
>                          <description>Alle Anfragen müssen vom Admin 
> genehmigt werden</description>
>                                 <level>
>                                         <name>IDM ADMIN</name>
>                                         <approverRef 
> oid="00000000-0000-0000-0000-000000000002" type="c:UserType">
>  <description>superuser</description>
>  </approverRef>
>  <automaticallyApproved>
>  <description>If the user has Superuser assignment, this role is 
> automatically approved for him.</description>
>
>                                             <script>
>  <code>
>                                                     import 
> com.evolveum.midpoint.prism.*;
>                                                     import 
> com.evolveum.midpoint.prism.pa 
> <http://com.evolveum.midpoint.prism.pa>th.*;
>                                                     import 
> com.evolveum.midpoint.xml.ns._public.common.common_3.*;
>  midpoint.isDirectlyAssigned(requester, 
> midpoint.searchObjectByName(RoleType, "Superuser"))
>  </code>
>  </script>
>  </automaticallyApproved>
>                                 </level>
>                      </value>
>                  </expression>
>                  <target>
>  <path>approvalSchema</path>
>                  </target>
>              </mapping>
>          </focusMappings>
> </inducement>
>
> Nico
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20161129/c3dabe67/attachment.htm>

More information about the midPoint mailing list