<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hi Petr,<br>
<br>
please check the <b>GUI</b> authorization namespaces, there was a
change for the upcoming 3.2.<br>
<br>
e.g.
<a class="moz-txt-link-freetext" href="http://midpoint.evolveum.com/xml/ns/public/security/authorization">http://midpoint.evolveum.com/xml/ns/public/security/authorization</a><b>-ui</b>-3#dashboard<br>
<br>
The End User and Superuser role are already modified in XML files,
not sure about the documentation...<br>
<br>
Please try.<br>
Regards,<br>
Ivan<br>
<br>
<div class="moz-cite-prefix">On 07/31/2015 05:24 PM, Petr Gašparík
wrote:<br>
</div>
<blockquote
cite="mid:CAFmDq44VnKFvBvogiHzzrDhnXEffydhcL9kRaB8C+HihFUV98w@mail.gmail.com"
type="cite">
<div dir="ltr">Hi,
<div>I tried to setup delegated administrator for organization
(user management + workflow tasks) and ended with role like
below. This, assigned to user, does not allow him to see
attributes when creating user, thus admin can't enter values
into them (name, for example). </div>
<div><br>
</div>
<div>What am I missing? Is there example for delegated
administrator? (I checked web and git already)</div>
<div><br>
</div>
<div>regards</div>
<div>Petr G.</div>
<div><br>
</div>
<div>-------------------------------------------</div>
<div><br>
</div>
<div>
<div><role xmlns="<a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/common/common-3">http://midpoint.evolveum.com/xml/ns/public/common/common-3</a>"</div>
<div> xmlns:icfs="<a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3">http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3</a>"</div>
<div> xmlns:t="<a moz-do-not-send="true"
href="http://prism.evolveum.com/xml/ns/public/types-3">http://prism.evolveum.com/xml/ns/public/types-3</a>"</div>
<div> xmlns:c="<a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/common/common-3">http://midpoint.evolveum.com/xml/ns/public/common/common-3</a>"</div>
<div> xmlns:q="<a moz-do-not-send="true"
href="http://prism.evolveum.com/xml/ns/public/query-3">http://prism.evolveum.com/xml/ns/public/query-3</a>"</div>
<div> xmlns:ri="<a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3">http://midpoint.evolveum.com/xml/ns/public/resource/instance-3</a>"</div>
<div> oid="delegatedAdmin"</div>
<div> version="23"></div>
<div> <name>Delegated administrator</name></div>
<div> <activation><br>
</div>
<div>
<effectiveStatus>enabled</effectiveStatus></div>
<div> </activation></div>
<div> <iteration>0</iteration></div>
<div> <iterationToken/></div>
<div> <authorization id="1"></div>
<div> <action><a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#read">http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#read</a></action></div>
<div> <action><a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#modify">http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#modify</a></action></div>
<div> <object></div>
<div> <type>OrgType</type></div>
<div> </object></div>
<div> <object></div>
<div> <type>ResourceType</type></div>
<div> </object></div>
<div> <object></div>
<div> <type>RoleType</type></div>
<div> </object></div>
<div> <object></div>
<div> <type>ShadowType</type></div>
<div> </object></div>
<div> <object></div>
<div> <type>UserType</type></div>
<div> <orgRef xmlns:tns="<a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/common/common-3">http://midpoint.evolveum.com/xml/ns/public/common/common-3</a>"</div>
<div>
oid="3404b331-57c0-4bef-b699-0192ce8d728b"</div>
<div> type="tns:OrgType"></orgRef></div>
<div> </object></div>
<div> </authorization></div>
<div> <authorization id="2"></div>
<div> <action><a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#dashboard">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#dashboard</a></action></div>
<div> <action><a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#myPasswords">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#myPasswords</a></action></div>
<div> <action><a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#users">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#users</a></action></div>
<div> <action><a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#userDetails">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#userDetails</a></action></div>
<div> <action><a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#findUsers">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#findUsers</a></action></div>
<div> <action><a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#orgTree">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#orgTree</a></action></div>
<div> <action><a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#workItems">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#workItems</a></action></div>
<div> <action><a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#workItem">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#workItem</a></action></div>
<div> <action><a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#workItemsMyRequests">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#workItemsMyRequests</a></action></div>
<div> <action><a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#workItemsProcessInstance">http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#workItemsProcessInstance</a></action></div>
<div> </authorization></div>
<div></role></div>
</div>
</div>
<div dir="ltr">-- <br>
</div>
<div dir="ltr">--
<div>Petr G.</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
evolveum.com evolveum.com/blog/
___________________________________________________
"Semper Id(e)M Vix."
</pre>
</body>
</html>