===== Provisioning - role catalogues ===== {{tag> role catalogue provisioning}} Role catalogue provisioning has a different behavior than the provision of identities. The main difference is the absence of a separate account management mechanism. In the case of identities, the [[..:..:accounts:dev:account-management | Account management]] that creates and (depending on) the IDM account depending on the assigned roles. In the case of role catalogue, account management is directly linked to the creation / modification / deletion event of the catalogue node. -If we **create** a new role catologue node, the event is publish and catches by the processor (in the **ACC** module) [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/acc/src/main/java/eu/bcvsolutions/idm/acc/event/processor/RoleCatalogueSaveProcessor.java|RoleCatalogueSaveProcessor]]. This first creates an **IDM account** by calling ProvisioningService.createAccountsForAllSystems. It creates an IDM account (and associated bindings) for all systems that have provisioning mapping for role catalogue. Subsequently, the **provisioning** itself is triggered. - If we **modify** a catalogue node, the event is publish and catches by the same processor and performs the same operations as the previous point. - If we **delete** a catalogue node, the delete event is publisch and catches by [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/acc/src/main/java/eu/bcvsolutions/idm/acc/event/processor/RoleCatalogueDeleteProcessor.java|RoleCatalogueDeleteProcessor]]. This processor delete all **AccRoleCatalogueAccount** relations and linked AccAccount (account on end system too). By default, catalogue provisioning is provided by [[https://github.com/bcvsolutions/CzechIdMng/blob/develop/Realization/backend/acc/src/main/java/eu/bcvsolutions/idm/acc/service/impl/RoleCatalogueProvisioningExecutor.java | RoleCatalogueProvisioningExecutor]], which primarily resolves the conversion between the parent IdmRoleCatalogue and the value of the parent attribute on the system.