Modules - Recertification [rec]

← .:modules_crt | ^ .:start | Documentation ^ .:modules_sms →

Role recertification module approves assigned user roles again.

When user has a lot of assigned roles for a long time, we want to check these assigned roles periodicaly (in a half year interval for security reasons), if some assigned role has to be already removed. Currently valid manual direct assigned roles are checked - only manual roles can be assigned and stay assigend, after user is changed some way (e.g. user contract is exluded, work position was changed).

• Recertification action - recertification action (bulk action) creates recertification requests. Action can be executed from user or role table.
• Recertification request - recertification request is created for single user contract or role (by recertification type, see below) an contains items.
• Recertification item - single assigned role, which schould be apporoved in recertification request. Item = assigned user role can be approved (~recertificated) or removed.

Recertification type defines, who can approve role recertification request and define request content:

1. Approve by user contract manager (CONTRACT) - recertification request is created for each user contract included in recerrrtification action. Managers defined by user contract can approve this request.
2. Approve by role guarantee (ROLE) - recertification request is created for each role included in recerrrtification action. Role guarantees defined by user or by role can approve this request.

- #1760: Move tab from identity detail to roles tab. - #1759: Run recertification action again.

• Security
• Configuration

• Module - Recertification

• Filters