Book Creator
 Add this page to your book
Book Creator
 Remove this page from your book  

 Manage book(0 page(s))
 Help

This is an old revision of the document!

Evaluators for IdmIdentity

IdentityByTreeNodeEvaluator

Evaluator that is given a tree node and provides permissions towards identities with contracts on this tree node or nodes below it.

If given the id of the tree node marked blue as its parameter, this evaluator will give the user permissions to all the identities marked green.

Parameters:

Tree node - id of the root tree node from which to look for users.

IdentityByFormProjectionEvaluator

Evaluator that is given a form projection and gives permissions to all the users with this form projection assigned. In case it is given null as its parameter, it will give the user permissions to all identities without an assigned form projection.

Parameters:

form projection - id of the form projection from which to look for users

ManagerEvaluator

Gives a user permissions to their managers, either by tree structure or by contract guarantee relations.

Both tree structures and contract guarantee relations only work for direct managers, i.e. user doesn't see the managers of their managers.

To the user marked blue, the evaluator will give permissions to the identities marked green.

SelfIdentityEvaluator

Gives an user permissions for their own identity.

IdentityByContractEvaluator

Evaluator that gives the user permissions to all identities that have assigned contracts that the user has permissions for.

UsersWithRolesIAmAGuaranteeOfEvaluator

This evaluator gives the user permissions to all identities with roles that this user is a guarantee of, using both guarantees by role and direct role guarantees.

It does not consider roles held through accounts neither when considering which roles are guaranteed by the user nor when looking for identities with those roles.

User marked with blue will be given permissions to all the users marked green.

SubordinatesEvaluator

Grants the user permissions to subordinates through both tree structures and direct contract guarantees. The evaluator is transitive over tree structures, but it isn't transitive over direct guarantees, nor over a combination of tree structures and direct guarantees. Note that it is transitive over the tree nodes themselves and not over the identities - not all subordinates of user A's subordinates are user A's subordinates.

The user marked blue would be given permissions for all the identities marked green.

SubordinateContractGuaranteeEvaluator

  • by otmara