[midPoint] Hide unwanted roles in the user role assignment tab.
Yakov Revyakin
yrevyakin at gmail.com
Tue May 16 10:04:53 CEST 2023
I was looking for an answer how to limit roles list a post before. You can
find explanation in the topic "Authorization role to allow read own
managers"
Main mistake is using "#read" authorization which means "#get" + "#search".
To limit a list you need to use "#search" for RoleType I think.
On Mon, 15 May 2023 at 18:35, Sébastien MARBRIER via midPoint <
midpoint at lists.evolveum.com> wrote:
> Dear Community
>
>
>
> I have a role to assign and unassign a few roles to users.
>
>
>
> I did it this way to list the allowed roles:
>
> <authorization id="41">
>
> <action>
> http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#get
> </action>
>
> <action>
> http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#read
> </action>
>
> <object id="31">
>
> <type>ObjectCollectionType</type>
>
> <filter>
>
> <q:inOid>
>
> <q:value>oidValue</q:value>
>
> </q:inOid>
>
> </filter>
>
> </object>
>
> </authorization>
>
>
>
> And so on.
>
>
>
> Then, when the “manager” clicks on a user to add a role, the desired
> roles are available and it can perform the assign/unassign operation.
>
> The issue is that requestable roles are also listed even if the
> assign/unassign operation cannot be performed.
>
> In order to have a clean view, how the unwanted roles can be hidden ?
>
>
>
> I also have another issue, the Preview Changes button does not work for my
> user manager, do you know a way either to give the permission or simply to
> hide this button from the GUI ?
>
> My midpoint version is a 4.0.1
>
>
>
> Best regards,
>
>
>
>
>
> [image: logo] <https://www.positivethinking.tech/>
>
>
>
> *Sébastien Marbrier* | Senior IT Consultant
> smarbrier at positivethinking.tech
>
> Tel. +41 21 601 81 00 <+41%2021%20601%2081%2000>
>
>
> [image: Teams chat]
> <https://teams.microsoft.com/l/chat/0/0?users=smarbrier@positivethinking.tech>
>
>
> <https://teams.microsoft.com/l/chat/0/0?users=smarbrier@positivethinking.tech>
>
> Chat with me on Teams
> <https://teams.microsoft.com/l/chat/0/0?users=smarbrier@positivethinking.tech>
>
>
>
>
>
> <https://www.linkedin.com/company/the-positive-thinking-company/>
> <https://www.instagram.com/positivethinkingcompany/>
> <https://twitter.com/PTC_Tech>
> <https://youtube.com/channel/UCfaImWa6r0IoZoUYLhbiF7w>
>
> Avenue d'Ouchy 4 – CH 1006 Lausanne
> www.positivethinking.tech
>
>
>
>
>
>
> ------------------------------
> *Collaboration Betters the World and its subsidiaries and brands (Positive
> Thinking Company, Versett, AlisPharm, Otofacto, OneAston and SteepConsult)
> put security at a high priority in its conduct of business. Therefore, we
> have put our best efforts into ensuring that this email and its attached
> documents are error and virus-free. Nonetheless, full security of
> emails/documents cannot be ensured. Therefore, the recipient is responsible
> for checking the email/documents for threats with its own security
> measures, prior to opening it. Collaboration Betters the World does not
> accept liability for any damage inflicted by using the content of this
> email/documents. If you are not the intended recipient, please notify the
> sender and delete this email/document.*
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> https://lists.evolveum.com/mailman/listinfo/midpoint
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20230516/0089bc05/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 7735 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20230516/0089bc05/attachment-0006.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 686 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20230516/0089bc05/attachment-0007.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 2337 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20230516/0089bc05/attachment-0008.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 2756 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20230516/0089bc05/attachment-0009.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.png
Type: image/png
Size: 2358 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20230516/0089bc05/attachment-0010.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.png
Type: image/png
Size: 2669 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20230516/0089bc05/attachment-0011.png>
More information about the midPoint
mailing list