Role Assignment Certification Widget

The Role Assignment Certification Widget allows to define the scope of role assignments to recertify during an ad hoc recertification campaign. With this widget, you select:

Target roles

Identities whose assignments to those roles you will recertify

To launch the ad hoc recertification campaign, go to your User Portal.

Widget Use

Description

Example

Step 1: Define campaign

Name the campaign

For both Roles and Identities, pick a selection mode:

Search elements

Or

Upload a file with identifiers

Step 2: Select roles

Depending on the Roles selection mode (Step 1), select the roles to certify:

Select the roles from the list
or
Upload your file with identifiers

Step 3: Select identities

Depending on the Identities selection mode (Step 1), select the identities whose assignments to the roles (Step 2) you will recertify:

Select the identities from the list
or

Upload your file with identifiers

Configuration

Properties

Property Name	Type	Mandatory	Description	Values (default in bold)
hidden	`Boolean`	NO	Display or hide the widget	true, false
displayOptions	-	YES	Defines the widget display options
config	-	YES	Defines the widget configuration

displayOptions properties

Property Name

Type

Mandatory

Description

Values (default in bold)

modalSize

String

NO

Defines the size of the modal

XS, SM, LG

config properties

Property Name	Type	Mandatory	Description	Values (default in bold)
bordered	`Boolean`	NO	Defines if the action buttons have a border or not	true, false
title	`Boolean`	NO	Defines the widget title	true, false
completionRedirectURL	`String`	NO	Redirect destination after the action completes	e.g. /home
displayWizardProgressBar	`Boolean`	NO	Display the step progress bar	true, false
identityOptions	-	YES	Configure identities search / selection	See below
roleOptions	-	YES	Configure role search / selection	See below

IdentityOptions.scope properties

Property Name

Type

Mandatory

Description

Values (default in bold)

scope@type

String

YES

Scope definition mode

EXPRESSION

scope@objectKind

String

YES

Target object kind

IDENTITY

scope.objectTypes

List<String>

YES

Allowed identity types

Internal, Provider

IdentityOptions.search properties

Property Name	Type	Mandatory	Description	Values (default in bold)
allowExport	`Boolean`	YES	Allow exporting the result list	true, false
columns	`List`	YES	Columns displayed in the identity list	e.g., id, firstName, lastName, organization
displayFrozenOperators	`Boolean`	NO	Display fixed search operators	true, false
frozen	`Enum`	NO	Freeze the search header	YES, NO
modes	`List`	NO	Possible search modes	SIMPLE, MULTICRITERIA
objectReferences	`List`	NO	References to filter identities	e.g., organization (See below)

IdentityOptions.search.columns

Column (dataKey)	Hidden	Data Type	Type	Sortable	Default Sort
id	true	`String`	general	true	ALPHA ASC
firstName	false	`String`	general	true	ALPHA ASC
lastName	false	`String`	general	true	ALPHA ASC
organization Example identity attribute, possible to change for a different one	false	`String`	excerpt	true	ALPHA ASC

IdentityOptions.search.objectReferences (Organization picker) properties

Property Name	Type	Mandatory	Description	Values (default in bold)
objectReferences.attribute	`String`	NO	Reference attribute to filter identities	organization
editWidget@xsi:type	-	NO	Reference selector widget	e.g., ctdbum:AdvancedObjectReferenceEditWidgetType
hidden	`Boolean`	NO	Display or hide the reference widget	true, false
conditional	`Boolean`	NO	Conditional display	true, false
required	`Boolean`	NO	Make the reference mandatory	true, false
popupAttributes	`List`	NO	Attributes displayed in the popup header	organizationName
displayPopup	`Boolean`	NO	Open a popup for selection	true, false

Organization popup search (editWidget.config.search) properties

Property Name	Type	Mandatory	Description	Values (default in bold)
allowExport	`Boolean`	YES	Allow export in popup	true, false
columns	`List`	YES	Popup columns	e.g., organizationName, parentOrganization
displayFrozenOperators	`Boolean`	NO	Display fixed operators	true, false
frozen	`Enum`	NO	Freeze the search header	YES, NO
modes	`List`	NO	Possible search modes	SIMPLE, MULTICRITERIA

roleOptions

roleOptions.scope

Property Name	Type	Mandatory	Description	Values
cope@type	`Enum`	NO	Scope definition mode	EXPRESSION
scope@objectKind	`Enum`	NO	Target object kind	ROLE
scope.searchExpression	`Expression`	NO	Additional role filter	needCertification = true
scope.objectTypes	`List`	NO	Allowed role types	application

roleOptions.search

Property Name	Type	Mandatory	Description	Values
allowExport	`Boolean`	YES	Allow exporting the result list	true, false
columns	`List`	YES	Columns displayed in the role list.	See roleOptions.search.columns
displayFrozenOperators	`Boolean`	NO	Show fixed search operators.	true, false
frozen	`Enum`	NO	Freeze the search header.	YES, NO
modes	`List<String>`	NO	Enabled search modes.	SIMPLE, MULTICRITERIA, FORMULA

roleOptions.search.columns

Column (dataKey)	Hidden	Data Type	Type	Sortable
id	true	`String`	general	false
roleName	false	`String`	general	false
roleApplication Example role attribute, possible to change for a different one	false	`String`	excerpt	false

Example

Role Assignment Certification Widget Example

CODE

<widget id="roleAssignment-certificationCampaign-widget" xsi:type="ctdbum:RecertificationCampaignWidgetType">
                                        <hidden>false</hidden>
                                        <displayOptions>
                                            <modalSize>LG</modalSize>
                                        </displayOptions>
                                        <config>
                                            <bordered>true</bordered>
                                            <title>false</title>
                                            <completionRedirectURL>/home</completionRedirectURL>
                                            <displayWizardProgressBar>true</displayWizardProgressBar>
                                            <identityOptions>
                                                <scope type="EXPRESSION" objectKind="IDENTITY">
                                                    <objectTypes>
                                                        <objectType>internal</objectType>
                                                        <objectType>provider</objectType>
                                                    </objectTypes>
                                                </scope>
                                                <search>
                                                    <actions/>
                                                    <allowExport>false</allowExport>
                                                    <columns>
                                                        <column>
                                                            <attribute>true</attribute>
                                                            <dataKey>id</dataKey>
                                                            <dataType>string</dataType>
                                                            <dateFormat>DAY_MONTH_YEAR_LONG</dateFormat>
                                                            <ellipsis>false</ellipsis>
                                                            <hidden>true</hidden>
                                                            <sortAs>ALPHA</sortAs>
                                                            <sortDirection>ASC</sortDirection>
                                                            <sortable>true</sortable>
                                                            <sorted>false</sorted>
                                                            <type>general</type>
                                                        </column>
                                                        <column>
                                                            <attribute>true</attribute>
                                                            <dataKey>firstName</dataKey>
                                                            <dataType>string</dataType>
                                                            <dateFormat>DAY_MONTH_YEAR_LONG</dateFormat>
                                                            <ellipsis>false</ellipsis>
                                                            <hidden>false</hidden>
                                                            <sortAs>ALPHA</sortAs>
                                                            <sortDirection>ASC</sortDirection>
                                                            <sortable>true</sortable>
                                                            <sorted>false</sorted>
                                                            <type>general</type>
                                                        </column>
                                                        <column>
                                                            <attribute>true</attribute>
                                                            <dataKey>lastName</dataKey>
                                                            <dataType>string</dataType>
                                                            <dateFormat>DAY_MONTH_YEAR_LONG</dateFormat>
                                                            <ellipsis>false</ellipsis>
                                                            <hidden>false</hidden>
                                                            <sortAs>ALPHA</sortAs>
                                                            <sortDirection>ASC</sortDirection>
                                                            <sortable>true</sortable>
                                                            <sorted>false</sorted>
                                                            <type>general</type>
                                                        </column>
                                                        <column>
                                                            <attribute>true</attribute>
                                                            <dataKey>organization</dataKey>
                                                            <dataType>string</dataType>
                                                            <dateFormat>DAY_MONTH_YEAR_LONG</dateFormat>
                                                            <ellipsis>false</ellipsis>
                                                            <hidden>false</hidden>
                                                            <sortAs>ALPHA</sortAs>
                                                            <sortDirection>ASC</sortDirection>
                                                            <sortable>true</sortable>
                                                            <sorted>false</sorted>
                                                            <type>excerpt</type>
                                                        </column>
                                                    </columns>
                                                    <additionalSearchAttributes/>
                                                    <displayFrozenOperators>true</displayFrozenOperators>
                                                    <frozen>NO</frozen>
                                                    <modes>
                                                        <mode>SIMPLE</mode>
                                                        <mode>MULTICRITERIA</mode>
                                                    </modes>
                                                    <objectReferences>
                                                        <objectReference>
                                                            <attribute>organization</attribute>
                                                            <editWidget xsi:type="ctdbum:AdvancedObjectReferenceEditWidgetType">
                                                                <hidden>false</hidden>
                                                                <config>
                                                                    <conditional>false</conditional>
                                                                    <required>false</required>
                                                                    <popupAttributes>
                                                                        <attribute>organizationName</attribute>
                                                                    </popupAttributes>
                                                                    <search>
                                                                        <actions/>
                                                                        <allowExport>false</allowExport>
                                                                        <columns>
                                                                            <column>
                                                                                <attribute>true</attribute>
                                                                                <dataKey>organizationName</dataKey>
                                                                                <dataType>string</dataType>
                                                                                <dateFormat>DAY_MONTH_YEAR_LONG</dateFormat>
                                                                                <ellipsis>false</ellipsis>
                                                                                <hidden>false</hidden>
                                                                                <sortAs>ALPHA</sortAs>
                                                                                <sortDirection>ASC</sortDirection>
                                                                                <sortable>true</sortable>
                                                                                <sorted>false</sorted>
                                                                                <type>general</type>
                                                                            </column>
                                                                            <column>
                                                                                <attribute>true</attribute>
                                                                                <dataKey>parentOrganization</dataKey>
                                                                                <dataType>string</dataType>
                                                                                <dateFormat>DAY_MONTH_YEAR_LONG</dateFormat>
                                                                                <ellipsis>false</ellipsis>
                                                                                <hidden>false</hidden>
                                                                                <sortAs>ALPHA</sortAs>
                                                                                <sortDirection>ASC</sortDirection>
                                                                                <sortable>true</sortable>
                                                                                <sorted>false</sorted>
                                                                                <type>excerpt</type>
                                                                            </column>
                                                                        </columns>
                                                                        <rowClickActions/>
                                                                        <additionalSearchAttributes/>
                                                                        <displayFrozenOperators>false</displayFrozenOperators>
                                                                        <frozen>NO</frozen>
                                                                        <modes>
                                                                            <mode>SIMPLE</mode>
                                                                            <mode>MULTICRITERIA</mode>
                                                                        </modes>
                                                                        <objectReferences/>
                                                                    </search>
                                                                    <displayPopup>true</displayPopup>
                                                                </config>
                                                            </editWidget>
                                                        </objectReference>
                                                    </objectReferences>
                                                </search>
                                            </identityOptions>
                                            <roleOptions>
                                                <scope type="EXPRESSION" objectKind="ROLE">
                                                    <searchExpression>
                                                        <search:Prop op="EQUALS" name="needCertification">
                                                            <value script="false">true</value>
                                                        </search:Prop>
                                                    </searchExpression>
                                                    <objectTypes>
                                                        <objectType>application</objectType>
                                                    </objectTypes>
                                                </scope>
                                                <search>
                                                    <actions/>
                                                    <allowExport>false</allowExport>
                                                    <columns>
                                                        <column>
                                                            <attribute>true</attribute>
                                                            <dataKey>id</dataKey>
                                                            <dataType>string</dataType>
                                                            <dateFormat>DAY_MONTH_YEAR_LONG</dateFormat>
                                                            <ellipsis>false</ellipsis>
                                                            <hidden>true</hidden>
                                                            <sortAs>ALPHA</sortAs>
                                                            <sortDirection>ASC</sortDirection>
                                                            <sortable>false</sortable>
                                                            <sorted>false</sorted>
                                                            <type>general</type>
                                                        </column>
                                                        <column>
                                                            <attribute>true</attribute>
                                                            <dataKey>roleName</dataKey>
                                                            <dataType>string</dataType>
                                                            <dateFormat>DAY_MONTH_YEAR_LONG</dateFormat>
                                                            <ellipsis>false</ellipsis>
                                                            <hidden>false</hidden>
                                                            <sortAs>ALPHA</sortAs>
                                                            <sortDirection>ASC</sortDirection>
                                                            <sortable>false</sortable>
                                                            <sorted>false</sorted>
                                                            <type>general</type>
                                                        </column>
                                                        <column>
                                                            <attribute>true</attribute>
                                                            <dataKey>roleApplication</dataKey>
                                                            <dataType>string</dataType>
                                                            <dateFormat>DAY_MONTH_YEAR_LONG</dateFormat>
                                                            <ellipsis>false</ellipsis>
                                                            <hidden>false</hidden>
                                                            <sortAs>ALPHA</sortAs>
                                                            <sortDirection>ASC</sortDirection>
                                                            <sortable>false</sortable>
                                                            <sorted>false</sorted>
                                                            <type>excerpt</type>
                                                        </column>
                                                    </columns>
                                                    <rowClickActions/>
                                                    <additionalSearchAttributes/>
                                                    <displayFrozenOperators>true</displayFrozenOperators>
                                                    <frozen>NO</frozen>
                                                    <modes>
                                                        <mode>SIMPLE</mode>
                                                        <mode>MULTICRITERIA</mode>
                                                        <mode>FORMULA</mode>
                                                    </modes>
                                                </search>
                                            </roleOptions>
                                        </config>
                                    </widget>

Widget Use

Configuration

Properties

displayOptions properties

config properties

IdentityOptions.scope properties

IdentityOptions.search properties

IdentityOptions.search.columns

IdentityOptions.search.objectReferences (Organization picker) properties

Organization popup search (editWidget.config.search) properties

roleOptionsroleOptions.scope

roleOptions.search

roleOptions.search.columns

Example

roleOptions

roleOptions.scope