Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision Both sides next revision
devel:documentation:security:dev:authorization [2019/11/13 07:39]
tomiskar [Default settings of permissions for an identity profile] 		devel:documentation:security:dev:authorization [2020/01/30 14:18]
apeterova skip role approve permission
Line 398: Line 398:
   * Permission to autocomplete main form definition: Forms - definitions (IdmFormDefiniton) | Displaying in autocomplete, selections | UuidEvaluator - enter main definition (for identities) identifier   * Permission to autocomplete main form definition: Forms - definitions (IdmFormDefiniton) | Displaying in autocomplete, selections | UuidEvaluator - enter main definition (for identities) identifier
   * Permission to update phone attribute: Forms - values (IdmIdentityFormValue) | Read, Update | IdentityFormValueEvaluator - select form definition, enter 'phone' as attributes and check logged user only checkbox.   * Permission to update phone attribute: Forms - values (IdmIdentityFormValue) | Read, Update | IdentityFormValueEvaluator - select form definition, enter 'phone' as attributes and check logged user only checkbox.
 +
 +==== Settings which enable skipping of the role approvement ====
 +
 +Assignment of roles is normally approved by the standard [[devel:documentation:role_change|approval process]]. The approval process may be skipped by executing the bulk action for [[tutorial:adm:identities_bulk_actions#roles_assignment|Role assignment]] with unchecked Approve, but only if the user has the following permission:
 +  * Permission to directly execute role requests: Role requests (IdmRoleRequest) | Execute | BasePermissionEvaluator
  
 ===== Employing policies for a new domain type - entity ===== ===== Employing policies for a new domain type - entity =====
  • by koulaj