[midPoint] assignment checking
Oskar Butovič - AMI Praha a.s.
oskar.butovic at ami.cz
Tue Jun 28 15:15:15 CEST 2016
Hello All,
I am trying to check in mapping in user template wether the user has
particular role.
for example following scenario
i create new user with identityType (extension parameter) employee. I wan
to assign role Employee to users with this type.
in some time employee leaves company and his account is cancelled by
assigning expiredEmployee role
i understand that so far it can be made by setting
<authoritative>true</authoritative>
but i also want for this role to be kept when user is editted ad his
identity Type is no longer employee.
this could be done with <authoritative>false</authoritative> but it then
prevent prevoius scenario. If i would be able to check current roles of the
user i could accomplish all required behaviour
with <authoritative>true</authoritative>.
Do you have any advice or code snippet how to resolve this problem?
Regards
Oskar Butovič
--
Oskar Butovič
solution architect
gsm: [+420] 774 480 101
e-mail: oskar.butovic at ami.cz
AMI Praha a.s.
Pláničkova 11
162 00 Praha 6
tel.: [+420] 274 783 239
web: www.ami.cz
[image: AMI Praha a.s.]
[image: AMI Praha a.s.]
<http://www.ami.cz/reseni-a-sluzby/bezpecnost-dat/identity-management>
Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za
společnost AMI Praha a.s.
jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně
písemnou formu.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160628/3ad65ebe/attachment.htm>
More information about the midPoint
mailing list