On 15/06/21 17:52, Giulia Ferretti wrote:
Hello everybody,
me and my team have a problem with the approval process. The scenario is as
follows:
- two realms: RealmA, RealmB
- two roles: RoleA (visibility on RealmA), RoleB (visibility on RealmB)
We have created the two roles with the capabilities to see and manage user
creation requests via approval.
The problem we encounter is that if a user is created on RealmA, this approval
request is presented not only to the user with RoleA, but also to the user with
RoleB.
Can you help us?
Hi Giulia,
glad of your interest in Apache Syncope.
By default, if nothing is specified in the BPMN definition, user requests can
be managed by any User owning the appropriate Entitlements.
You can restrict the Users that can manage a given user request by enforcing
Flowable's candidateUsers / candidateGroups constructs in their BPMN definition
- see [1] for more details.
If this is not enough to cover the scenario you are proposing above, I am
afraid some additional code customization might be required.
HTH
Regards.
[1] https://syncope.apache.org/docs/2.1/reference-guide.html#approval
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/