Skip to end of metadata
Go to start of metadata

In the midPoint, we now support these GUI actions:

Overall Administration Actions

ActionAllowed access to pageNote
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#allAll GUI pages 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#homeAdministration dashboard (including actions)covers also #dashboard and #myPasswords
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#usersAllAll administration pages for users (including actions) 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#resourcesAllAll administration pages for resources (including actions) 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#rolesAllAll administration pages for roles (including actions) 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#configurationAllAll administration configuration pages (including actions) 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#workItemsAllAll administration pages for work items (including actions) 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#reportsAllAll administration pages for reports (including actions) 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#tasksAllAll administration pages for tasks (including actions) 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#orgAllAll administration pages for org. structure (including actions) 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#certificationAllAll pages for access certification (including actions)Since 3.4
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#adminAssignAssign menu item authorization on the Assignment tab 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#adminUnassignUnassign menu item authorization on the Assignment tab 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#adminUnassignAllMembersUnassign all members menu item authorization on the Assignment tab 

Self-service Actions

ActionAllowed access to pageNote
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfAllAll self-service pagesSince 3.3
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfDashboardSelf-service HomeSince 3.3
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfProfileSelf-service profileSince 3.3
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfCredentialsSelf-service credentialsSince 3.3
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfRequestRoleSelf-service request a role3.4-3.5.x, not supported in 3.6+

http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfRequestAssignment

http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#selfRequestAssignments

Self-service request a roleSince 3.6

Administration Dashboard Actions

ActionAllowed access to pageNote
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#dashboardAdministration dashboard 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#myPasswordsMy passwordsPage removed in 3.3, see self-service credentials page instead

User actions

Resource actions

Role actions

Org. structure actions

ActionAllowed access to pageNote
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#orgStructOrg. tree main menu 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#orgTreeOrg. tree hierarchy 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#orgUnitOrg. unit details (including editing) and New org. link (based on #read, #modify, #add and #delete model authorizations) 

 Organization actions

Action
Allowed access to page
Note
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#orgAllTODO: #orgTree + #orgStruct? 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#orgTreeOrg tree hierarchy 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#orgUnitOrg. unit details (including editing) and New org. link (based on #read, #modify, #add and #delete model authorizations) 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#adminAssignOrgMemberAuthorization for Assign menu item on the org Managers and Members panels (e.g. Assign Managers, Assign Members) 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#adminUnassignOrgMemberAuthorization for Unassign menu item on the org Managers and Members panels (e.g. Unassign selected members) 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#adminAddOrgMemberAuthorization for Create menu item on the org Managers and Members panels (e.g. Create manager, Create member) 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#adminDeleteOrgMemberAuthorization for Delete menu item on the org Managers and Members panels (e.g. Delete all managers, Delete member, Delete all (focus) members) 
http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#adminRecomputeOrgMemberAuthorization for Recompute menu item on the org Managers and Members panels (e.g. Recompute all managers, Recompute selected members, Recompute direct members, Recompute all members) 

Configuration actions

Work items actions

Report actions

Task actions

Org. structure actions

Focal object tabs authorizations

Display of object detail tabs is not controlled by authorizations. Admin GUI Configuration is used to control this behavior.

Access certification actions

Please see Access Certification Security for detailed list.

See also:

 

  • No labels