Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
devel:documentation:security:dev:authorization [2020/04/22 11:26] tomiskar [Settings of permissions of identity basic attributes] |
devel:documentation:security:dev:authorization [2020/04/23 09:59] tomiskar [Default settings of permissions for an identity profile] |
||
|---|---|---|---|
| Line 236: | Line 236: | ||
| Gives a permission for code list items according to the permission for the code list => e.g. If I have a permission to read a code list, I have a permission to read its items. | Gives a permission for code list items according to the permission for the code list => e.g. If I have a permission to read a code list, I have a permission to read its items. | ||
| + | |||
| + | ==== CodeListItemByCodeEvaluator ==== | ||
| + | |||
| + | @since 10.3.0 | ||
| + | |||
| + | Gives a permission for code list items according to the permission for the code list and item codes. | ||
| + | |||
| + | === Parameters === | ||
| + | * **Code list** ('' | ||
| + | * **Items** ('' | ||
| ==== VsRequestByImplementerEvaluator ==== | ==== VsRequestByImplementerEvaluator ==== | ||
| Line 395: | Line 405: | ||
| * Connected systems | Displaying in autocomplete, | * Connected systems | Displaying in autocomplete, | ||
| * Scheduler (IdmLongRunningTask) | Displaying in autocomplete, | * Scheduler (IdmLongRunningTask) | Displaying in autocomplete, | ||
| + | * Code lists (IdmCodeList) | Displaying in autocomplete, | ||
| + | * Code lists - items (IdmCodeListItem) | Displaying in autocomplete, | ||
| * Permission to read automatic role requests in workflow approval: Requests for automatic roles (IdmAutomaticRoleRequest) | Read, Update, Create, Delete | AutomaticRoleRequestByWfInvolvedIdentityEvaluator ( It's good to have autocomplete permission to IdmAutomaticRoleAttribute and IdmRoleTreeNode.). The permission is possibly in wrong place. | * Permission to read automatic role requests in workflow approval: Requests for automatic roles (IdmAutomaticRoleRequest) | Read, Update, Create, Delete | AutomaticRoleRequestByWfInvolvedIdentityEvaluator ( It's good to have autocomplete permission to IdmAutomaticRoleAttribute and IdmRoleTreeNode.). The permission is possibly in wrong place. | ||
| * Permission to autocomplete form definitions (eav attributes on detail for identities, roles, etc): Forms - definitions (IdmFormDefinition) | Displaying in autocomplete, | * Permission to autocomplete form definitions (eav attributes on detail for identities, roles, etc): Forms - definitions (IdmFormDefinition) | Displaying in autocomplete, | ||
| Line 463: | Line 475: | ||
| * Permission to update identity and attributes: Users (IdmIdentity) | **Update**, Change phone, Change personal number, Change note, Change login, Change user type (projection), | * Permission to update identity and attributes: Users (IdmIdentity) | **Update**, Change phone, Change personal number, Change note, Change login, Change user type (projection), | ||
| - | <note tip>Can be combined with [[# | + | <note tip>Can be combined with [[# |
| <note important> | <note important> | ||