Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
devel:documentation:security:dev:authorization [2020/05/04 12:17]
tomiskar 		devel:documentation:security:dev:authorization [2020/05/15 08:32]
tomiskar
Line 382: Line 382:
  
 [[devel:documentation:roles:dev:universal_requests#permissions| Universal request agenda]] [[devel:documentation:roles:dev:universal_requests#permissions| Universal request agenda]]
 +
 +==== RoleByRoleCatalogueEvaluator ====
 +@since 10.3.0 for **LTS version** is available similar evaluator in [[devel:documentation:modules_extras:role_evaluator_by_role_catalogue|extras module]].
 +
 +Documentation for the evaluator is available [[devel:documentation:security:dev:authorization:role_evaluator_by_role_catalogue|there]].
 +
 +==== IdentityByTreeNodeEvaluator ====
 +@since 10.3.0 for **LTS version** is available similar evaluator in [[devel:documentation:modules_extras:identity_evaluator_by_work_position|extras module]].
 +
 +Documentation for the evaluator is available [[devel:documentation:security:dev:authorization:identity_evaluator_by_work_position|there]].
 +
 ===== Default policies ===== ===== Default policies =====
  
Line 398: Line 409:
   * Permission to read one's own identity: Users (IdmIdentity) | Displaying in autocomplete, reading, change password, manage authorizations | SelfIdentityEvaluator   * Permission to read one's own identity: Users (IdmIdentity) | Displaying in autocomplete, reading, change password, manage authorizations | SelfIdentityEvaluator
   * Permission to read the assigned identity roles: Roles assigned to users (IdmIdentityRole)| - | IdentityRoleByIdentityEvaluator   * Permission to read the assigned identity roles: Roles assigned to users (IdmIdentityRole)| - | IdentityRoleByIdentityEvaluator
-  * Permission to request roles (which can be requested): Role (IdmRole) | Can be requested | RoleCanBeRequestedEvaluator +  * Permission to request roles (which can be requested): Role (IdmRole) | Can be requested | RoleCanBeRequestedEvaluator (since the version 9.7.12) 
-  * Permission to request roles by copy them from other identity (which can be requested): Assigned roles (IdmIdentityRole) | Can be requested | RoleCanBeRequestedEvaluator (since the version 9.7.12)+  * Permission to request roles by copy them from other identity (which can be requested): Assigned roles (IdmIdentityRole) | Can be requested only:true IdentityRoleByRoleEvaluator
   * Permission to read contracts according to identity: Industrial relations (IdmIdentityContract) | - | IdentityContractByIdentityEvaluator   * Permission to read contracts according to identity: Industrial relations (IdmIdentityContract) | - | IdentityContractByIdentityEvaluator
   * Permission to read other contract positions according to contract: Other contract positions (IdmContractPosition) | - | ContractPositionByIdentityContractEvaluator   * Permission to read other contract positions according to contract: Other contract positions (IdmContractPosition) | - | ContractPositionByIdentityContractEvaluator
  • by koulaj