Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
devel:documentation:roles:adm:authorization [2019/01/28 13:31] kotisovam created |
devel:documentation:roles:adm:authorization [2019/08/15 10:29] (current) doischert |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Permission ====== | ||
+ | Role permission defines rights for administrator actions in CzechIdM. A permission for CzechIdM is not necessarily defined for every role. A permission is, for example, READ on USERS. A user having a role with this specific permission can see the read-only detail of all identities in CzechIdM. | ||
+ | |||
+ | {{ : | ||
+ | |||
===== Permission setting mechanism ===== | ===== Permission setting mechanism ===== | ||
Line 76: | Line 81: | ||
> > > > IdmTreeNode + Zobrazení v našeptávačích a výběrech'' | > > > > IdmTreeNode + Zobrazení v našeptávačích a výběrech'' | ||
- | <note> | + | . |
- | Roles - coming soon \\ | + | . |
- | </note> | + | |
+ | '' | ||
+ | > > Agenda žádostí (univerzální) (IdmRequest) – role changes (items, role supervisor)\\ | ||
+ | > > | ||
+ | > > Žádosti o automatické role (IdmAutomaticRoleRequest) – create, change automatic roles\\ | ||
+ | > > | ||
+ | > > Role automatické (organizační struktura) (IdmRoleTreeNode) \\ | ||
+ | > > > > > > Role - definice business rolí (IdmRoleComposition) \\ | ||
+ | > > > > > > Role automatické - pravidla (atributy) (IdmAutomaticRoleAttributeRule) \\ | ||
+ | > > > > > > Role automatické (atributy) (IdmAutomaticRoleAttribute) \\ | ||
+ | > > | ||
+ | > > | ||
+ | > > Role – dle katalogu (IdmRoleCatalogue)\\ | ||
+ | > > Role – dle katalogu (IdmRoleCatalogueRole)'' | ||
| | ||
==== Activities ==== | ==== Activities ==== | ||
- | A user may only be allowed to do certain types of actions in respect with specific agendas: | + | A user may be allowed to do only certain types of actions in respect with specific agendas: |
* administer all | * administer all |