Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
devel:documentation:security:dev:change-user-permissions [2019/03/29 09:29]
svandav 		devel:documentation:security:dev:change-user-permissions [2019/05/07 08:29] (current)
svandav [Duplicate request]
Line 1: Line 1:
 ====== Changing user permissions ====== ====== Changing user permissions ======
  
-{{tag>identity permission role security workflow}}+{{tag>identity permission role request security workflow}}
  
 <note tip>Introduction to the topic - [[../..:role_change|read here]].</note> <note tip>Introduction to the topic - [[../..:role_change|read here]].</note>
-A manual change (via REST api) of permission, i.e. adding/editing/removing a link between an identity and a role is not possible. All permission changes must be made via the role request agenda (RoleRequest).+ 
 +===== Basic life cycle of the request for change a permissions ===== 
 + 
 +{{:devel:documentation:security:dev:role-request.png|}} 
 + 
 +<note important>A manual change (via REST api) of permission, i.e. adding/editing/removing a link between an identity and a role is not possible. All permission changes must be made via the role request agenda (RoleRequest).</note>
  
 ===== Role request agenda ===== ===== Role request agenda =====
Line 52: Line 57:
  
 ==== Duplicate request ==== ==== Duplicate request ====
 +<note warning>Since version 9.6.0, the check for duplicate requests has been removed for performance!</note>
 +
 During the process of submitting a request, it is verified if there is another duplicate request of the new request (in state "**IN_PROGRESS**", "**APPROVED**"). If a duplicate request is found, the executed request is labelled as duplicated (state "**DUPLICATED**") and its attribute "**duplicatedToRequest**" is filled with the identifier of the duplicate request (a record is made in the request log). During the process of submitting a request, it is verified if there is another duplicate request of the new request (in state "**IN_PROGRESS**", "**APPROVED**"). If a duplicate request is found, the executed request is labelled as duplicated (state "**DUPLICATED**") and its attribute "**duplicatedToRequest**" is filled with the identifier of the duplicate request (a record is made in the request log).
 The submission (execution) of the request is thus suspended. The submission (execution) of the request is thus suspended.
Line 204: Line 211:
  
   * **No priority (0)**:   * **No priority (0)**:
-No approval takes place. The process "**change-role-without-approve**" is run (see above).+No approval takes place. The process "**change-role-without-approve**" is run (see above). This process is used, even if no workflow is configured (~is empty) for a priority.
  
   * **Trivial priority (1)**:   * **Trivial priority (1)**:
  • by svandav