[midPoint] Allowing end users to request association to roles or organisations.

Wed Dec 13 16:24:06 CET 2017

Thanks for the quick reply! That's solved it.

Christopher

On 13 December 2017 at 13:57, Christopher Hoskin <
christopher.hoskin at gmail.com> wrote:

> Hello,
>
> I'm evaluating MidPoint for my employer.
>
> One of the features that we're interested in is allowing end users to
> request association with a role or organisation. If I log in to the web
> interface as the administrator, then I can see roles and organisations
> under 'Request a role'. If I log in as a user with an assignment to the
> 'End User' role, then I can't see any roles or organisations to request an
> association with.
>
> Doing a little reading, it appears that the user needs a role with the
> 'selfRequestAssignment' authorization. So I have created a copy of the End
> User role and added the following authorization:
>
>       <authorization id="11">
>          <action>http://midpoint.evolveum.com/xml/ns/public/
> security/authorization-ui-3#selfRequestAssignment</action>
>       <object>
>          <special>self</special>
>       </object>
>       </authorization>
>
> However, when I log in as a user with this new role, I am still unable to
> see any roles or organisations to request association with.
>
> Have I got something wrong? Is there something else I need to do?
>
> Thanks.
>
> Christopher Hoskin
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20171213/dd34144c/attachment.htm>