<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body vlink="#551A8B" text="#000000" link="#0B6CDA" bgcolor="#ffffff"
alink="#EE0000">
<p>Hi Patrik,</p>
<p>I solved this by using a custom query and checking if the actor
is also an approver:</p>
<p><br>
</p>
<pre><approverExpression></pre>
<pre> <script></pre>
<pre> <code></pre>
<pre> import com.evolveum.midpoint.xml.ns._public.common.common_3.*;</pre>
<pre> import com.evolveum.midpoint.schema.constants.RelationTypes;</pre>
<pre> import com.evolveum.midpoint.schema.util.ObjectTypeUtil;</pre>
<pre> import java.util.stream.Collectors;
prismContext = midpoint.getPrismContext();
actorOid = actor.getOid();
</pre>
<pre>
approverQuery = prismContext.queryFor(UserType.class)</pre>
<pre> .ref(FocusType.F_PARENT_ORG_REF, OrgType.COMPLEX_TYPE, RelationTypes.MANAGER.getRelation(), target.getOid()).all()</pre>
<pre> .build();</pre>
<pre>
List approvers = midpoint.searchObjects(UserType.class, approverQuery);</pre>
<pre>
for(approver in approvers){</pre>
<pre> if(approver.getOid() == actorOid){</pre>
<pre> return null;</pre>
<pre> }</pre>
<pre> }</pre>
<pre>
</pre>
<pre> return approvers.stream().map(obj -> ObjectTypeUtil.createObjectRef(obj,prismContext)).collect(Collectors.toList());</pre>
<pre>
</pre>
<pre> </code></pre>
<pre> </script></pre>
<pre></approverExpression></pre>
<p><br>
</p>
<div class="moz-cite-prefix">This may not be the best solution, but
I didn't find a better one.<br>
So if someone knows a better way, feel free to correct me.</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">Kind Regards<br>
</div>
<div class="moz-cite-prefix">Sven<br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">Am 18.04.23 um 15:21 schrieb Patrik
Sidler via midPoint:<br>
</div>
<blockquote type="cite"
cite="mid:GVAP278MB02319800A5D7EB3ADF206A4BEF9D9@GVAP278MB0231.CHEP278.PROD.OUTLOOK.COM">
<pre class="moz-quote-pre" wrap="">Hi Community,
I have an issue and do not know how to get this solved.
We have several roles created that have a "Manager Approval" metarole assigned to it.
<role oid="5a9ece69-86ca-4e29-8457-c080287dac35">
<name>Manager Approval Metarole</name>
<inducement id="10">
<policyRule>
<policyConstraints>
<assignment id="11">
<operation>add</operation>
</assignment>
</policyConstraints>
<policyActions>
<approval id="12">
<compositionStrategy>
<order>10</order>
</compositionStrategy>
<approvalSchema>
<stage id="13">
<name>Line managers</name>
<approverExpression>
<script>
<code>midpoint.getManagersOidsExceptUser(object)</code>
</script>
</approverExpression>
<evaluationStrategy>firstDecides</evaluationStrategy>
<outcomeIfNoApprovers>reject</outcomeIfNoApprovers>
</stage>
</approvalSchema>
</approval>
</policyActions>
</policyRule>
</inducement>
</role>
Whenever one those roles are requested by someone, the manager of the person that receives the role has to approve the assignment.
So far so good.
But now, when my manager requests this role for me, he also has to approve this request.
How can I suppress this approval step when the requester and the approver are the same person?
Thank you in advance for your help.
Best regards,
Patrik Sidler
_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="https://lists.evolveum.com/mailman/listinfo/midpoint">https://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
</body>
</html>