Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | |||
tutorial:adm:automatic_roles_by_attribute [2020/02/12 13:10] regulat [Rules for automatic roles] |
tutorial:adm:automatic_roles_by_attribute [2023/08/23 10:37] (current) apeterova |
||
---|---|---|---|
Line 3: | Line 3: | ||
If you want to add a role to all users that work on the 3th floor, you can use **Automatic roles by attribute**. | If you want to add a role to all users that work on the 3th floor, you can use **Automatic roles by attribute**. | ||
- | <note tip> | + | <note tip> |
- | </ | + | |
- | From CzechIdM 7.7 onwards, there is a new main menu item **Settings -> automatic | + | |
- | {{ : | + | |
There are two tabs: | There are two tabs: | ||
- | * **Automatic roles from organizational structure** | ||
- | * **Automatic roles based on the attribute** | ||
+ | * **By organizational structure** | ||
+ | * **Based on the attribute** | ||
The first one shows the list of the automatic roles that a user gets via his/her placement in the organization' | The first one shows the list of the automatic roles that a user gets via his/her placement in the organization' | ||
The second one shows the automatic roles that users get by means of **Rules**. | The second one shows the automatic roles that users get by means of **Rules**. | ||
- | {{ : | + | {{ .: |
===== Rules for automatic roles ===== | ===== Rules for automatic roles ===== | ||
Line 24: | Line 21: | ||
e.g. A rule can be set such that a user's contract has an attribute " | e.g. A rule can be set such that a user's contract has an attribute " | ||
- | To create a new automatic role by an attribute, go to **Settings -> automatic roles -> Automatic roles based on the attribute**. Next, click on the green " | + | To create a new automatic role by an attribute, go to **Roles → Automatic roles → Based on the attribute**. Next, click on the green " |
- | {{ : | + | {{ .: |
- | Then select the Role - real CzechIdM entity e.g. "ldap files" that will be assigned if the user matches the Rules. | + | Then select the Role - real CzechIdM entity e.g. "ldap files" that will be assigned if the user matches the Rules. |
The basic setup for the automatic role is done now, click Save and continue. | The basic setup for the automatic role is done now, click Save and continue. | ||
- | We have specified what role shall be assigned, now we need the conditions - Rules. | + | We have specified what role shall be assigned, now we need the conditions - Rules. {{ .: |
- | {{ : | + | |
- | Click on the green " | + | Click on the green " |
- | {{ : | + | {{ .: |
Provided that the users' contracts have EAV attribute " | Provided that the users' contracts have EAV attribute " | ||
Line 44: | Line 40: | ||
* **Form attribute = Floor** | * **Form attribute = Floor** | ||
* **Comparison type = EQUALS** | * **Comparison type = EQUALS** | ||
- | * **Value = 3** | + | * **Value = 3**<note important> |
+ | When you click on the "save and continue" | ||
- | <note important> | + | {{ |
- | When you click on the " | + | * **Yes** |
+ | * Moreover, | ||
+ | * **No** | ||
+ | ===== Concepts of automatic roles ===== | ||
- | {{ : | + | Automatic roles saved as concepts are not evaluated until the concepts are completed (Green button " |
- | * **Yes** - Automatic role is evaluated for all users. Those matching the rule get the said role. Calculation is started as a long running task and its progress can be verified in the Settings -> Task scheduler -> All tasks. | + | {{ |
- | * Moreover, if an identity or its concept is saved - say after some manual editing done by the admin or during | + | |
- | * **No** - automatic role is saved as a concept. | + | |
- | ===== Concepts of automatic roles ===== | ||
- | |||
- | Automatic roles saved as concepts are not evaluated until the concepts are completed (Green button " | ||
- | {{ : |