[midPoint] Role Catalog

Wojciech Staszewski wojciech.staszewski at diagnostyka.pl
Wed Jan 18 09:30:09 CET 2017


Does anybody know what to do to enable role catalog for "end user"? What to add into "end user" role?
At the moment role catalog is available only for admin.

I have read this https://wiki.evolveum.com/display/midPoint/GUI+Authorizations
but there is nothing related to roleCatalog.
End User role contains already read access to "OrgType" and "RoleType", but the RoleCatalog is still unaccessible.

Thanks!
Regards,
Wojciech Staszewski
www.skygge.com

W dniu 16.01.2017 o 09:26, Wojciech Staszewski pisze:
> Hello!
> 
> I added section mentioned by Kateryna Honchar (thank you!) into end user role and now the cog menu is visible for end user in SelfService.
> But I have no idea what I need to add in the end user role to enable Role Catalog view. I tried to search the documentation but I found nothing.
> I tried also add new authorization section with "RoleCatalog" type but it doesn't work. This is some kind of blindfold work without documentation :(.
> Someone knows?
> 
> Thanks, Regards,
> Wojciech Staszewski
> www.skygge.com
> 
> W dniu 15.01.2017 o 22:58, Wojciech Staszewski pisze:
>> It doesn't work for end user. :(
>>
>> I see role catalog (I have Superuser role).
>> Common user (with MidPoint End user role) can't see it.
>> And the cog icon with "unassign" option is invisible for end user as well.
>> ...
>> Regards,
>> WS
>> www.skygge.com
>>
>> Dnia niedziela, 15 stycznia 2017 20:55:23 CET Wojciech Staszewski pisze:
>>> Thanks, now it works!
>>>
>>> Regards,
>>> WS
>>> www.skygge.com
>>>
>>> Dnia niedziela, 15 stycznia 2017 20:06:07 CET Martin Lízner - AMI Praha a.s. pisze:
>>>> Hi, you point system configuration to your org root. M.
>>>>
>>>>    <roleManagement>
>>>>       <roleCatalogRef oid="c5914a4c-fb27-48ee-8e10-b1f5af3981fb"
>>>> type="c:OrgType"/>
>>>>    </roleManagement>
>>>>
>>>> Martin Lízner
>>>> solution architect
>>>>
>>>> gsm: [+420] 737 745 571
>>>> e-mail: martin.lizner at ami.cz <jmeno.prijmeni at ami.cz>
>>>>
>>>>
>>>> AMI Praha a.s.
>>>> Pláničkova 11
>>>> 162 00 Praha 6
>>>> tel.: [+420] 274 783 239
>>>> web: www.ami.cz
>>>>
>>>>
>>>>
>>>> [image: AMI Praha a.s.] <http://www.skyidentity.com/>
>>>>
>>>> Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za
>>>> společnost AMI Praha a.s.
>>>> jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně
>>>> písemnou formu.
>>>>
>>>>
>>>> 2017-01-15 19:59 GMT+01:00 Wojciech Staszewski <
>>>> wojciech.staszewski at diagnostyka.pl>:
>>>>
>>>>> Hello!
>>>>>
>>>>> I configured "Role catalog" basing on the example provided by Evolveum.
>>>>> New organizational tree was created with categories and roles within these
>>>>> categories.
>>>>> But I cannot find any example how to connect this catalog to system
>>>>> configuration XML, so I got error in SelfService:
>>>>> "Role catalog is not configured in the system configuration xml".
>>>>>
>>>>> How to configure "system configuration xml" to enable Role catalog?
>>>>>
>>>>> Thanks
>>>>> Wojciech Staszewski
>>>>> www.skygge.com
>>>>> _______________________________________________
>>>>> midPoint mailing list
>>>>> midPoint at lists.evolveum.com
>>>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>>>
>>>>
>>>
>>> _______________________________________________
>>> midPoint mailing list
>>> midPoint at lists.evolveum.com
>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>
>>
>>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
> 



More information about the midPoint mailing list