Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
devel:documentation:security:dev:authorization [2019/08/15 11:16]
tomiskar [Identity] 		devel:documentation:security:dev:authorization [2019/08/22 05:58]
tomiskar [Identity]
Line 75: Line 75:
   * ''MANUALLYDISABLE''- Deactivate identity manually. Enables bulk action and quick dashboard button.   * ''MANUALLYDISABLE''- Deactivate identity manually. Enables bulk action and quick dashboard button.
   * ''MANUALLYENABLE''- Activate identity manually. Enables bulk action and quick dashboard button.   * ''MANUALLYENABLE''- Activate identity manually. Enables bulk action and quick dashboard button.
 +
 +==== Role====
 +
 +  * ''CANBEREQUESTED'' - role, which can be requested. Used in role request and bulk actions for assign role.
  
 ===== Base authorization evaluators ===== ===== Base authorization evaluators =====
Line 325: Line 329:
 If you want to enable the managers of the users to read their subordinates and change their permissions, add following permissions to the userRole: If you want to enable the managers of the users to read their subordinates and change their permissions, add following permissions to the userRole:
   * Users (IdmIdentity) | Manage authorizations, View in select box (autocomplete), Read | SubordinatesEvaluator   * Users (IdmIdentity) | Manage authorizations, View in select box (autocomplete), Read | SubordinatesEvaluator
 +
 +<note tip>From version 9.7.3 isn't feature manually disabled and manually enabled for user allowed by permission Identity ''UPDATE''. But exits own permissions for each operation (''MANUALLYDISABLE'' or ''MANUALLYENABLE'')</note>
  
 ==== Settings of permissions for the Helpdesk role ==== ==== Settings of permissions for the Helpdesk role ====
  • by kucerar