[midPoint] Assign approval work item to role
Pavol Mederly
mederly at evolveum.com
Mon Jul 27 13:00:49 CEST 2015
Ilija,
back from the vacation.
Created Org "wheel" with two users: admin1, admin2 (both having
Superuser role, not to bother with security).
Created role "testrole" where approver == wheel.
Attempted to create "testuser" with assigned "testrole".
Work item was created, where candidate is wheel (org).
After logging in as "admin1" - no "My work items", but one "Work items
claimable by me":
It can be claimed and released back, or directly processed.
Implementation is such that this Activiti Task is created like this -
see the second row:
I.e. its candidate group is in the form of "org:oid" where oid is the
midPoint OID of the "wheel" org.
For implementation, see e.g.
- PrepareApprover.execute (called from ItemApproval BPMN process) - maps
approverRef of type Role or Org to "role:oid" or "org:oid" Activiti
candidate group names
- and then see ItemApproval BPMN process, userTask
id="loopLevels.loopApprovers.approve.withGroups" (lines 123-131)
- WorkItemProvider. createQueryForTasksRelatedToUser (searching for work
items)
Hope this helps,
Pavol
On 22. 7. 2015 9:15, Дорофеев Илья wrote:
>
> Pavol,
>
> Thanks for the answer. I am sorry but the assignment to members of an
> org. unit didn’t work either. None of the members of the org. unit are
> offered a work item. I looked through the code and didn’t find any
> mentions of mapping between midPoint and Activiti groups. So, when an
> Activiti task is assigned to a candidate group
> org:c96bf133-10f6-4ed0-9c88-cb3c69bb27ec, the Activiti engine doesn’t
> really know the actual users of the group, and the task is basically
> assigned to no one.
>
> Could you show me that piece of code responsible for this behavior in
> case I’m wrong?
>
> Ilya
>
> *From:*midPoint [mailto:midpoint-bounces at lists.evolveum.com] *On
> Behalf Of *Pavol Mederly
> *Sent:* Tuesday, July 21, 2015 4:44 PM
> *To:* midPoint General Discussion
> *Subject:* Re: [midPoint] Assign approval work item to role
>
> Ilya,
>
> I've implemented this quite a long ago, so I'm having a little trouble
> remembering the current status. ;)
>
> But as described here:
> https://wiki.evolveum.com/display/midPoint/Current+status+and+future+plans:
>
> /#7: Ability to define approver not as an individual only, but also as
> a member of an org. unit; allowing to claim/release a work item.
> Currently this feature is limited to "direct" members, i.e. not to
> members of subordinate org. units. (Temporarily, it is possible to use
> a role as an approver as well, but this also applies only to users
> that have directly assigned this role - and perhaps support for this
> will be dropped in the future, see the following discussion on roles
> and orgs <https://wiki.evolveum.com/display/midPoint/Roles+and+Orgs>.)/
>
> So, the assignment to members of an org. unit works, but in a special
> mode: each of the members is offered the work item. (I.e. not assigned
> directly.) He/she may claim it, and work on it.
>
> As written above, I would suggest not using roles for this, but org.
> units instead. (Note that org. unit is a very general term. It may
> well correspond to an arbitrary group of people.)
>
> Hope this helps,
>
> Pavol
>
> ------------------------------------------------------------------------
>
> *From: *"ДорофеевИлья" <i.dorofeev at solarsecurity.ru
> <mailto:i.dorofeev at solarsecurity.ru>>
> *To: *"midPoint General Discussion" <midpoint at lists.evolveum.com
> <mailto:midpoint at lists.evolveum.com>>
> *Sent: *Tuesday, July 21, 2015 12:24:56 PM
> *Subject: *[midPoint] Assign approval work item to role
>
> Hi,
>
> I have just come across a problem of assigning approval work item to a
> role.
>
> <role>
>
> <approverRef oid="1ae3ab25-188f-4685-a073-fe522c55e057"
> type="c:RoleType"><!-- resource_owner --></approverRef>
>
> </role>
>
> I expected that the created workitem(s) would be assigned to all the
> users included in the ‘resource_owner’ role. Is this not implemented yet?
>
> Regards, Ilya
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20150727/cd164141/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cicaidef.png
Type: image/png
Size: 13661 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20150727/cd164141/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cbagheai.png
Type: image/png
Size: 12189 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20150727/cd164141/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gjabadhf.png
Type: image/png
Size: 6278 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20150727/cd164141/attachment-0002.png>
More information about the midPoint
mailing list