[midPoint] Role Assignment Condition Not Evaluated on Recompute

Lubomir Odlevak odlevak.lubomir at gmail.com
Mon Jul 14 23:40:23 CEST 2025 

Hey Sebastian,
 you need to set  mapping strength from "normal" to "strong". This ensures
it's always re-evaluated.

Best Regards

Lubo

po 14. 7. 2025 o 21:35 Sebastian Beetz via midPoint <
midpoint at lists.evolveum.com> napísal(a):

> Hello!
>
>
>
> I am currently trying to introduce a condition to automatic role
> assignments according to
> https://docs.evolveum.com/midpoint/reference/support-4.8/roles-policies/automatic-role-assignment/
> .
>
> Now I want to update existing user assignments according to the condition.
> Problem is that the condition is not evaluated, neither through recompute
> nor reconcile.
>
> When the user object is updated, e.g. by changing the description
> attribute, the assignment condition is correctly evaluated.
>
>
>
> Am I missing something here? Am I doing something wrong?
>
>
>
> The mapping in the user template looks like this:
>
> <mapping id="3">
>
>         <name>Role Assignment</name>
>
>         <strength>normal</strength>
>
>         <source>
>
>             <path>description</path>
>
>         </source>
>
>         <expression>
>
>             <value xmlns=
> http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>
>                 <targetRef xmlns="">
>
>                     <oid>cc65382f-28a3-40a4-84e8-822d312d61cd</oid>
>
>                     <type>c:RoleType</type>
>
>                 </targetRef>
>
>             </value>
>
>         </expression>
>
>         <target>
>
>             <path>assignment</path>
>
>         </target>
>
>         <condition>
>
>             <script>
>
>                 <code>description?.split(":")[1] != 'EXPIRED'</code>
>
>             </script>
>
>         </condition>
>
>     </mapping>
>
>
>
> I already tried different strength settings as well as omitting it
> completely.
>
>
>
> As always, every help is appreciated.
>
>
>
> Best Regards
>
> Sebastian
>
>
>
> *Sebastian Beetz* | Solution Consultant, Team Lead Internal Infrastructure
> Mobil: +49 151 67806842 | Tel: +49 6151 7869-142
>
> *KOGIT GmbH* | Rheinstr. 40-42 | 64283 Darmstadt
> www.kogit.de | LinkedIn <https://de.linkedin.com/company/kogit-gmbh> |
> Xing <https://www.xing.com/pages/kogitgmbh> | Instagram
> <https://www.instagram.com/kogit_gmbh/>
>
> Geschäftsführer: Gerald Kaufhold
> Amtsgericht Darmstadt | HRB 8640 | Ust-IdNr: DE224251141
> Datenschutzhinweise | www.kogit.de/datenschutz
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> https://lists.evolveum.com/mailman/listinfo/midpoint
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20250714/ba8b7008/attachment.htm>

More information about the midPoint mailing list