On 15/06/21 17:52, Giulia Ferretti wrote:
Hello everybody, me and my team have a problem with the approval process. The scenario is as follows: - two realms: RealmA, RealmB - two roles: RoleA (visibility on RealmA), RoleB (visibility on RealmB) We have created the two roles with the capabilities to see and manage user creation requests via approval. The problem we encounter is that if a user is created on RealmA, this approval request is presented not only to the user with RoleA, but also to the user with RoleB. Can you help us?
Hi Giulia, glad of your interest in Apache Syncope. By default, if nothing is specified in the BPMN definition, user requests can be managed by any User owning the appropriate Entitlements. You can restrict the Users that can manage a given user request by enforcing Flowable's candidateUsers / candidateGroups constructs in their BPMN definition - see [1] for more details. If this is not enough to cover the scenario you are proposing above, I am afraid some additional code customization might be required. HTH Regards. [1] https://syncope.apache.org/docs/2.1/reference-guide.html#approval -- Francesco Chicchiriccò Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail http://home.apache.org/~ilgrosso/
