[midPoint] Midpoint - Add conditional approval flow

Vitor Alves | Gerencianet vitor.alves at gerencianet.com.br
Thu Sep 8 13:58:42 CEST 2022


Hello community!

We already have an approval flow in place, which assigns the Line Manager for the approval, if it does not exist, the approval is denied as follows:

<inducement id="10">
    <policyRule>
        <name>Approval Flow</name>
        <policyConstraints>
            <assignment id="11"/>
        </policyConstraints>
        <policyActions>
            <approval id="12">
                <compositionStrategy>
                    <order>10</order>
                </compositionStrategy>
                <approvalSchema>
                    <stage id="13">
                        <name>Approvers/Line managers</name>
                        <approverExpression>
                            <script>
                                <code>midpoint.getManagersOidsExceptUser(object)</code>
                            </script>
                        </approverExpression>
                        <evaluationStrategy>firstDecides</evaluationStrategy>
                        <outcomeIfNoApprovers>reject</outcomeIfNoApprovers>
                        <duration>P7D</duration>
                    </stage>
                </approvalSchema>
            </approval>
        </policyActions>
    </policyRule>
</inducement>

The problem we are facing is when the manager himself requests a role, the process is cancelled. Ideally, if there is no manager or if he himself is the manager, this request should be forwarded to a member of the "Security-Approvers" organization. I made a configuration, based on steps, but the flow is always forwarded to this second step, which would not be correct, as I only need it to be forwarded to the members of that organization if it doesn't find any approver. can anybody help me?



Regards,

-----
Vitor Alves

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20220908/e6376ce9/attachment.htm>


More information about the midPoint mailing list