[midPoint] Create a role with read permission on users
Marco Benucci
m.benucci at nsr.it
Thu Feb 23 15:16:43 CET 2017
Hi,
I'm on midpoint 3.4.1 and I would like to create a role that grants to a
user to list all other users
and see (only see, not modify) their Basic, Projection and Assignment tabs.
I have assigned to this user the role "end user" and I created the role
"Guest" with the
the authorization
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#users
and
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#userDetails
but this user can see only himself.
PS: My other midpoint users do not have the "end user" role because they
do not have to access on midPoint.
Is this the "problem"?
Thank you
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170223/bc240b5a/attachment.htm>
More information about the midPoint
mailing list