[midPoint] Group association with extra attribute from role
Alexandre Zia
alexandre.zia at ifood.com.br
Tue Mar 19 03:33:18 CET 2019
We have a situation were we have a role giving access to a group, through
group association, the classic scenario.
However, in this remote system there is only one group, and you assign this
group to a user AND an access role defining if this association will be
Admin or read-only.
Let me explain:
In the remote system we have:
User: A
User: B
Group: G
User A has group G associated with "Admin" role -> So he is an admin
User B has group G associated with "Viewer" role -> So he is read-only user
So in midpoint I've extended RoleType to add an attribute: "roleId".
(values can be 8 for admin, or 7 for viewer).
When assigning the role to an user, the group association passes the Group
ID to the connector, as expected,
But how can I pass this role attriibute "roleId" together with the groupId
in group association?
Thanks in advance.
Alexandre
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20190318/b5b61cd4/attachment.htm>
More information about the midPoint
mailing list