[midPoint] Midpoint Role UI Issue
Anand Kothekar
anand.kothekar at confluxsys.com
Fri Dec 12 05:57:08 CET 2014
Hi
I have recently started using midpoint for evaluation. I have a midpoint
environment in my system configured with an ldap resource.
I was trying to play around with roles and inducement, I observed one
behaviour which i think is an issue with midpoint UI.
Problem:
- When i create a role and add an ldap resource inducement with some ldap
groups, the role is properly created and role member gets the appropriate
account and group membership.
- Now if i modify the role like i change the role description and save it,
the induced groups are removed from role. role xml gets modified.
- Another observation is like if a user is assigned multiple roles (roles
in hierarchy), and we remove the above updated role from user then the
group removed from role is not removed from user.
I have attached the role xml's for reference, please look into this and let
me know if it is the case i have mentioned or i am making any mistake.
Regards
Anand
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20141212/06f5aa3d/attachment.htm>
-------------- next part --------------
<role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
oid="9abc45b0-2d13-47b2-b97f-fc4538fc90d7"
version="1">
<name>Test Role1</name>
<description>test role updated</description>
<metadata>
<createTimestamp>2014-12-12T10:22:25.654-05:00</createTimestamp>
<creatorRef oid="00000000-0000-0000-0000-000000000002" type="UserType"/>
<createChannel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</createChannel>
<modifyTimestamp>2014-12-12T10:24:20.868-05:00</modifyTimestamp>
<modifierRef xmlns:tns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
oid="00000000-0000-0000-0000-000000000002"
type="tns:UserType"/>
<modifyChannel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</modifyChannel>
</metadata>
<activation>
<effectiveStatus>disabled</effectiveStatus>
<disableTimestamp>2014-12-12T10:22:25.561-05:00</disableTimestamp>
</activation>
<iteration>0</iteration>
<iterationToken/>
<inducement id="1">
<construction>
<resourceRef oid="d0811790-1d80-11e4-86b2-3c970e467874" type="ResourceType"/>
</construction>
</inducement>
<requestable>false</requestable>
</role>
-------------- next part --------------
<role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
oid="9abc45b0-2d13-47b2-b97f-fc4538fc90d7"
version="0">
<name>Test Role1</name>
<description>test role</description>
<metadata>
<createTimestamp>2014-12-12T10:22:25.654-05:00</createTimestamp>
<creatorRef oid="00000000-0000-0000-0000-000000000002" type="UserType"/>
<createChannel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</createChannel>
</metadata>
<activation>
<effectiveStatus>disabled</effectiveStatus>
<disableTimestamp>2014-12-12T10:22:25.561-05:00</disableTimestamp>
</activation>
<iteration>0</iteration>
<iterationToken/>
<inducement id="1">
<construction>
<resourceRef oid="d0811790-1d80-11e4-86b2-3c970e467874" type="ResourceType"/>
<attribute>
<ref xmlns:qn554="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3">qn554:ldapGroups</ref>
<outbound>
<expression>
<value>cn=testgroup2,ou=groups,dc=confluxsys,dc=com</value>
</expression>
</outbound>
</attribute>
</construction>
</inducement>
<requestable>false</requestable>
</role>
More information about the midPoint
mailing list