Project

General

Profile

Actions

Task #388

open

feedback On role remove approving

Added by Marcel Poul over 7 years ago. Updated about 7 years ago.

Status:
New
Priority:
Low
Assignee:
Vít Švanda
Category:
Feedback
Target version:
-
Start date:
04/28/2017
Due date:
% Done:

0%

Estimated time:
Owner:

Description

When there is a quite simple role add approve process as follows:

Helpdesk, User Manager, Manager, WF for each role by criticity level, Security

then for role remove, there is configuration choice of selecting wf to remove role + role attribute checkbox "Approve role remove".
So the role remove process is configured by each role checkbox not by criticality?

Why is that? Use case from known project (and in fact only one that really ever wanted to approve role removal)

criticity 1-3, all have Role add approvers.
criticity 3, only this one has Role remove approvers - Security team

Altogether I think "Approve role remove" is useless and confusing provided that you have the scope of the role (especially criticality) inside the workflow that manages the role removal process (idm.sec.core.wf.role.approval.remove configuration key), so you can decide there based on role criticality.

Actions

Also available in: Atom PDF