<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>Hello Aivo,</p>
<p><br>
</p>
<p>that's interesting. It should work. I don't see any obvious
problem; but have not enough time to try it myself now.<br>
</p>
<p><br>
</p>
<p>You could enable TRACE logging for
com.evolveum.midpoint.model.impl.expr.OrgStructFunctionsImpl and
run your test once again.</p>
<p>If still no clue, please paste here relevant parts of the log, as
well as XML of your testuser, testmanager, testorg objects.</p>
<p><br>
</p>
<p>Best regards,<br>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</p>
<pre class="moz-signature" cols="72">Pavol Mederly
Software developer
evolveum.com
</pre>
<div class="moz-cite-prefix">On 12.08.2016 13:00, Aivo Kuhlberg
wrote:<br>
</div>
<blockquote cite="mid:1470999652638.48996@rmit.ee" type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<style type="text/css" style="display:none"><!--P{margin-top:0;margin-bottom:0;} --></style>
<p>Hello,<br>
</p>
<p>I am trying to test (in MP 3.4) the situation where user
requests a role which requires user's organization manager
approval but so far have not succeded.<br>
I created following role (based on Sensitive Role 3 example
here: <a class="moz-txt-link-freetext" href="https://wiki.evolveum.com/display/midPoint/Some+examples">https://wiki.evolveum.com/display/midPoint/Some+examples</a> )<br>
<br>
<span style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);"><span style="color: rgb(114, 50,
173);"><role
xmlns=<a class="moz-txt-link-rfc2396E" href="http://midpoint.evolveum.com/xml/ns/public/common/common-3">"http://midpoint.evolveum.com/xml/ns/public/common/common-3"</a>></span></span><br
style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);">
<span style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);"><span style="color: rgb(114, 50,
173);">
<name>testrole-needsmanagerapproval</name></span></span><br
style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);">
<span style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);"><span style="color: rgb(114, 50,
173);"> <requestable>true</requestable></span></span><br
style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);">
<span style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);"><span style="color: rgb(114, 50,
173);"> <approverExpression></span></span><br
style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);">
<span style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);"><span style="color: rgb(114, 50,
173);"> <description>Get user's managers
(except the user itself)</description></span></span><br
style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);">
<span style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);"><span style="color: rgb(114, 50,
173);"> <script></span></span><br
style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);">
<span style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);"><span style="color: rgb(114, 50,
173);">
<code>midpoint.getManagersOidsExceptUser(object)</code></span></span><br
style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);">
<span style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);"><span style="color: rgb(114, 50,
173);"> </script></span></span><br
style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);">
<span style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);"><span style="color: rgb(114, 50,
173);"> </approverExpression></span></span><br
style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);">
<span style="font-family: Consolas,monospace; font-size: 11pt;
color: rgb(114, 50, 173);"><span style="color: rgb(114, 50,
173);"></role></span></span><br style="font-family:
Consolas,monospace; font-size: 11pt;">
<br>
I have created users testuser and testmanager and added both to
the organization testorg as members and also testmanager as
manager.<br>
I added role Approver to testmanager.<br>
Now when I request the role "testrole-needsmanagerapproval" for
user testuser the role gets automatically assigned without
manager approval. Seems that the getManagersOidsExceptUser
function does not find any manager for that user and therefore
approves automatically this role. Why it is so?<br>
<br>
</p>
<p>Best regards,</p>
<p>Aivo Kuhlberg<br>
</p>
<br>
<hr>
<font face="Arial" color="Gray" size="2">Käesolev e-kiri võib
sisaldada asutusesiseseks kasutamiseks tunnistatud teavet.<br>
This e-mail may contain information which is classified for
official use.</font>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
</body>
</html>