Finding participants of an existing role
Hi,
I've got an attribute of a BPM Object, its valid values are generated by a dynamic method
in this method, I've typed:
supList as String[]
supRole as Role
supRole = Role("Supervisor")
partList as Participant[]
partList = supRole.participants
for each p in partList
do
supList[] = p.id
end
return supList
I've got a role named "Supervisor" and I want this attribute to list all of its participants
when I run it, I've got errors like this:
The task could not be successfully executed. Reason: 'java.lang.IllegalStateException: The component must be invoked on a server-side method.'.
[Error code: workspace-1263359260131
When I debug the method, I found that after code
“ supRole = Role("Supervisor") ”
was executed, several attributes of "supRole" are null, like roleinterface, paticipants_d...
Is there any error in my code
Hi,
Apart from the error you a getting (Ruben has already posted how to solve it) I want to add an additional comment.
The method getParticipants of the Role object (partList = supRole.participants) is deprecated since it doesn't return all the participants that has that role, it returns all the participants that were loaded into memory that have that role.
In other words, in studio or in small organizations (a very common scenario in development environments) there isn't any issue, but if then you try to deploy your process in a big organization (the typical case is when the engine uses the organization LDAP) you will probably get an incomplete result.
If you asked me if there is another way to get that information, I would say "yes, but it is a very very expensive operation that you have to implement yourself".
I know some customer cases that tried to implement that function (just to display a combo box to user) and they finally had very serious performance issues.
So, my suggestion is try to think in the use case to see if you can implement it without that information.
Hope this helps,
Ariel
Similar Messages
-
Assigning and un-assigning the existing role to the existing participant
Hi,
My requirement is to assign the existing role to a participant and after doing some particular things un-assign that role from that participant
I am using oracle bpm 10g .
Any idea ?
Thankssession as DirectorySession = DirectorySession.currentEngineSession
theRole as RoleAssignment = RoleAssignment.create(role : DirOrganizationalRole.fetch(session : session, id : "MyRoleName"), permissions : 95)
dirHum as Fuego.Fdi.DirHumanParticipant = DirHumanParticipant.fetch(session : session, id : "MyUserId")
curRoles as RoleAssignment[]
curRoles = dirHum.rolesAssignment
curRoles[] = theRole
dirHum.rolesAssignment = curRoles
update dirHumTo unassign the role, just remove the role from the 'curRoles' array.
HTH,
-Kevin -
Track new roles / change in existing roles
Hi,
I have a requirement to track the creation of new role OR changes to existing role in the system. In either case I have to send an email to the group of people.
I tried to find the enhancements but found nothing useful.
Basically, I need to find how can I track the even for creation / change of a role...
Please help me out to find the solution for this...
Thanks,
Gagan ChodhryHi Atish,
Thanks for the reply...
No, I tried to find the enhancements, but could not get the one I need...
I found couple of things more like transaction PFAC_CHG / PFAC_INS for change or create role, but not sure how exactly to use these... if these are the correct one to be used....
Thanks,
Gagan Chodhry -
List of all participants to a specific role using PAPI
Hi,
Is there a way, we can get the list of all participants with a specific role using PAPI.Satarama,
Yes, it's possible to get a list of participants in a Role using PAPI. If you're doing this within a project (i.e. not from an external PAPI client), you can use the out-of-box catalog component Fuego.Lib.Role. Using Java syntax, it will look something like this:
Role theRole = Role.find(name: roleName);
Participant[] participantList = theRole.participants;If you're doing this from an external client, you'll find similar functionality in the class DirOrganizationalRole. In Studio, you can find this and related classes in the package Fuego.Fdi.*.
Greg -
How do I find and include pre-existing music files on my PC?
I'm new to iTunes and believe that I should be able to find and include pre-existing music files on my PC?
I've found out how to show the menu bar but I can't see how to do the above except file/folder by file/folder.Hello there, LeighCenturion.
The following Knowledge Base article provides instruction on how to add content from your computer to iTunes:
Adding music and other content to iTunes
http://support.apple.com/kb/HT1473#2
Specifically:
Adding content on your computer to iTunes
iTunes helps you add digital audio and video files on your computer directly to your iTunes library. You can add audio files that are in AAC, MP3, WAV, AIFF, Apple Lossless, or Audible.com (.aa) format. If you have unprotected WMA content, iTunes for Windows can convert these files to one of these formats. You can also add video content in QuickTime or MPEG-4 format to iTunes. To learn how to add these files to iTunes follow the steps below.
Open iTunes
From the File menu, choose one of the following choices:
MacAdd to Library
Windows
Add File to Library
Add Folder to Library
Navigate to and select the file or folder that you want to add
If iTunes is set to "Copy files to the iTunes Music folder when adding to library," iTunes will copy all content that is added to the iTunes library to the iTunes Music folder. To adjust this setting or change the location of this folder, go to the Advanced tab in iTunes Preferences.
Thanks for reaching out to Apple Support Communities.
Cheers,
Pedro. -
How to find the list of existing tables in a schema using DB link?
Hi
I know how to find the list of existing tables in a schema using the following query
SQL> select * from tab;
but, how to list the tables using a DB link?
For Example
SQL> select * from tab@dblink_name;
why this doesn't work?
Pl advice me
Thanks
Reddy.ORA-02019: connection description for remote database not foundHave you used this database link successfully for some other queries?
The error posted seems to indicate that the DB Link is not functional at all. Has it worked for any other type of DML operation or is this the first time you ever tried to use the link? -
New Org Level impact in existing roles
Hi,
I would like to set/create 2 fields as organizational levels. For example KLART and DOKAR. Checking these I realized there is a big amount of roles "affected" by this change.
Because I plan to use the organizational level only for new roles , I would like to know which impact could have this change for existing roles, should one modify the existing roles after creating the Org Levels ? or in contrast they still work as always an no changes / adjustments is needed?
Thanks and regards
FedeXThanks Bernhard,
I have a question
As I mentioned before my goal is that the existing roles keep working after running that program... and do not want to perform any adaptation....only if there is a real error that avoid work correctly.
In these 2 cases the role will keep working properly ( I mean restricting in the way that it uses to do).
1) In case field is copied to the Orglevel area after running the program and the value(s) will stay in both places (OrgLevel and Original place)
2) In case field is NOT copied to the Orglevel area after running the program but the value still in the original place .
right?
Thanks
FedeX -
Making existing roles watertight for HR data
Hello,
I hope to get nudged in the right direction in here. I already descended pretty much to the end of my rope and ... well ... I need some more rope
The situation is like this - I inherited everything that has to do with maintenance of authorizations on our system half a year ago, the guy that did that before me is no longer in the company (so there's no use in asking what he was thinking (if anything) when he was putting the roles together). Documentation is scarce/non-existing. When it exists it's usually not up to date. I'm not exactly a newbie in authorizations field, but at the same time I'm not really that far away from being a newbie yet, so I'm not beyond listening to basics being pointed out to me.
<u>The Utopia</u>:
There are five single roles built for all users of our system (say R1, R2, ... , R5). They're supposed to build on one another, R1 being the basic role, R2 having a couple more authorizations than R1, and so on until R5 which is the role that also has all HR authorizations.
<u>The Reality</u>:
The roles have been designed in a hurry and from the top down starting with the sap_all profile and removing some (or most of the) CA, BC and HR authorizations. They were not properly tested. They do not derive from one another in any way ... R2 for example is a complete copy of R1 with some additional objects and values, same for all the others. Every problem needed to be fixed five times, once for every role. That of course resulted in chaos, things got changed just in one place and the basic role suddenly got more powerful than all the rest. These roles are in use in the production system and there are no plans to substitute them with something better in the very near future.
<u>The Problem</u>:
Suddenly (yeah, right ) the need arose to have these roles watertight with regard to HR data. I did some rudimentary testing and sure enough they're nowhere near watertight even for the most common HR transactions. There are ranges defined in S_TCODE for which I have no idea why they are as they are, there was access to SA38 given where SAP HR programs with no authorization group (and no transaction code) assigned could be run by everyone ... there's god knows how many other security holes. The only help I got from the HR consultants was the list of all 2000 or so HR transactions (taken from the SAP menu tree) which shouldn't be accessible to a normal user. I suspect I might be in need of a typing monkey to check them all five times
<u>Question</u>:
How do I close as many security holes in these roles as possible? What's the strategy when dealing with such tasks? I've made it clear to the management that we probably won't have watertight roles if we don't create new ones, but making a set of new roles created properly from the bottom up is out of the question at this moment.
I'd be extremely grateful for any advice or if anyone could point me to any kind of documentation about making roles like ours more secure for protecting HR data (and also keeping the users away from any BC stuff).
In the meantime, I'm off to searching through the archives of the forum.
ursaMopping the floor with the water running is a spot on description
Actually we're in the process of setting up new and improved authorizations but (of course!) the testing phase turned out to be much more time consuming than anticipated. No surprise to me, however someone obviously thought authorizations are a matter of defining roles and their menus and the system does everything else by itself. Riiight.
What I did so far - first I educated myself on the specifics of HR authorizations. I never had to deal with those before, so (for example) it was a surprise to me that there's actually a separate SAP course dealing with HR authorizations Then I compared the existing roles to each other like you suggested and figured out a way that allowed me to do all the modifications with least amount of work. I cleaned most of the infotypes out of P_ORGIN and (to cover my behind), adjusted the ranges in S_TCODE to exclude the 2000 HR transactions our HR consultant listed for me.
Most importantly - I made it clear to the guys above me, that with the roles we use I can't guarantee HR data to be inaccessible for people who should stay away from it. So ... back to the testing of the new authorizations
Thanks for your help! It always makes a huge difference to get something like a second opinion when one can't decide if left is better than right or if it's the other way around.
ursa -
Add a base permission to an existing role definition in sharepoint using CSOM
I have to add a base permission to an existing role definition in sharepoint using CSOM Managed API in SP2013, to update base permission of a permission level. I did use below code . But Role definition is not getting updated. What could be the reason? I
have updated RoleDefinition and Web as well but it did not help.
RoleDefinition rd = oClientContext.Web.RoleDefinitions.GetByName("My Permission");
if (!rd.BasePermissions.Has(PermissionKind.ManagePermissions))
rd.RoleTypeKind.ToString();
rd.BasePermissions.Set(PermissionKind.ManagePermissions);
rd.Update();
oClientContext.Web.Update();
oClientContext.ExecuteQuery();
Ashish Baranwal To know what you know and what you do not know, that is true knowledgeHi Ashish,
I tested the same scenario per your post in my environment, and I got the same results as you got.
As a workaround, I recommend to delete the permission level and then recreate the permission level with the needed permissions:
ClientContext ctx=new ClientContext("http://sp");
RoleDefinition rd=ctx.Web.RoleDefinitions.GetByName("My Permission");
ctx.Load(rd);
ctx.ExecuteQuery();
if(!rd.BasePermissions.Has(PermissionKind.ManagePermissions))
rd.DeleteObject();
BasePermissions permissions = new BasePermissions();
//add the permissions needed
permissions.Set(PermissionKind.ManagePermissions);
RoleDefinitionCreationInformation roleDefinitionCreationInfo = new RoleDefinitionCreationInformation();
roleDefinitionCreationInfo.BasePermissions = permissions;
roleDefinitionCreationInfo.Name = "My Permission";
roleDefinitionCreationInfo.Description = "My Custom Permission Level";
RoleDefinition roleDefinition = context.Web.RoleDefinitions.Add(roleDefinitionCreationInfo);
context.ExecuteQuery();
Best regards.
Thanks
Victoria Xia
TechNet Community Support -
Hello,
we 're using the GRC Provisioning Framework (with IDM 7.1 SP4 and GRC 5.3 SP10_1) and want to delete all existing roles from a user bevor we set new roles to him.
Is there a general command to do this or have the existing roles to be known?
Thanks,
CarstenHello Christian,
thanks for the quick answer. I'm talking about privileges.
In the To Identity Store, is it enough to set:
MSKEYVALUE -
%MSKEYVALUE%
MXREF_MX_PRIVILEGE -
Or do I have to set all existing roles behind the (like priv:grc:xxxx)?
Thanks,
Carsten -
How to find if certain record exists from stored procedure
Hello
I am not an expert in this and am trying simple thing. I want to find if certain record exists in a table and if so set some boolean variable.
create or replace procedure findit(param)
AS
return_group boolean;
BEGIN
myflag := false;
--here goes my question
-- say I have SELECT WHATEVER FROM TABLE WHERE BLA = param
--if it returns at least one record set myflag to true;
END;Any idea?THanks Satyaki_De,
However, when I put simple SELECT statement in the body of my procedure it does not compile. Actually I should have said that before. So here is my code and where it breaks:
create or replace procedure close_subjects(study_id varchar2)
AS
return_group boolean;
BEGIN
dbms_output.enable(1000000);
FOR current_group IN(
SELECT DISTINCT group_id from groups WHERE study_id=study_id
) LOOP
FOR current_subject IN(
SELECT individual_id from groups WHERE group_id=current_group.group_id AND study_id=study_id
) LOOP
return_group := true;
SELECT INDIVIDUAL_ID FROM ASSIGN WHERE DATE_TIME_ASSIGNED = ( SELECT MAX(DATE_TIME_ASSIGNED) FROM ASSIGN WHERE INDIVIDUAL_ID = current_subject.individual_id ) AND ASSIGN_STATUS_ID = 'A';
IF SQL%RowCount = 0 THEN
return_group := false;
dbms_output.put_line(current_subject.individual_id);
END IF;
END LOOP;
END LOOP;
END;
/If I comment out SELECT statement and leave dbms_output for testing purposes it works well. As I said I am faaaar from expert and seems to me that I cannot have SELECT in procedure BODY? -
Existing roles / authorization joining.
Hello.
I have to arrange existing roles in SD.
First issue:
There are defined roles. I just have to aggregate them (e.g. 3 existing roles in new one .) What should I do?
Second issue:
Those roles are subordinated according to plant. I have to add additional "organizational level" : business area.
Thanks in advance
/ MargaretHello,
The transaction code for authorisation / user profile maintenance is PFCG, but it is advicable to take the help of a BASIS expert.
Prase -
Have 7 mo. old iPhone running 4.3.3 and am wondering if I can upgrade my software. Apps I want to load require minimum of 5.0. Am I out of luck or what? Where do I go to find upgrade if it exists? Yes, I am that dim I guess. Was under impression software could be updated similarly to std. Apple OS practices with other products.
How to upgrade iPhone, iPod, iPod Touch
-
Assign WB to existing role always require role regeneration
Dear Expert,
After we upgrade to BI 7, It appears that everytime when we add a new WB to a existing role in the BEx Analyser, the role didn't generate automatically in the BI backend. This means that the team cannot transport a new WB without a corresponding role generation. We have to transport the new workbook and existing role together.
But I remenbered that in BW 3.5, we don't need to transport both new WB and existing role. Can anyone tell me if this is standard practise in BI7.0 or whether there is any configration for this? Thank you very much.
Best Regards,
FuyangHi Fuyang
In addition to Anil's suggestion one small concern ensure that you havent missed up any of the other workbooks and realted roles...
Hope its clear a little..!
Thanks
K M R
>
Chris Fuyang Zhang wrote:
> Dear Expert,
>
> After we upgrade to BI 7, It appears that everytime when we add a new WB to a existing role in the BEx Analyser, the role didn't generate automatically in the BI backend. This means that the team cannot transport a new WB without a corresponding role generation. We have to transport the new workbook and existing role together.
>
> But I remenbered that in BW 3.5, we don't need to transport both new WB and existing role. Can anyone tell me if this is standard practise in BI7.0 or whether there is any configration for this? Thank you very much.
>
> Best Regards,
> Fuyang -
To find which packages the PUBLIC role has execute privileges on
Hi Experts:
I need to find which packages the PUBLIC role has execute privileges on, since an Audit has revealed there are "there were execute privileges on 2 packages granted to the PUBLIC role"
How can I find these? I have queried, in different ways, dba_tab_privs and dba_sys_privs but I cant get a way to see
execute privileges on packages / procedures.
Thanks,
10.2.0.4
Linux RH 4.
Edited by: user11981168 on 30-Apr-2010 04:12SELECT table_name
FROM dba_tab_privs p
,dba_objects o
WHERE p.owner=o.owner
AND p.table_name = o.object_name
AND p.owner = 'SYS'
AND p.privilege = 'EXECUTE'
AND p.grantee = 'PUBLIC'
AND o.object_type='PROCEDURE'; --PACKAGE,FUNCTION
Maybe you are looking for
-
Ipod nano 6th generation apple logo flashing
I have an ipod nano 6th generation that when connected to the computer USB it flashes the apple logo. When not connected, it does not turn on at all. I have tried all the reset tricks with no impact. Also, my iTunes does not even recognise it as b
-
Hi Experts , JDEV 11.1.2 how can we iterate through Richtable rows one by one......? if we have a 5 rows in a table , i need an iteration thorugh all 5 rows in order to check attribute values......how can i implement this? please give me some rferenc
-
CIN J2IUN not showing the cumulative balance.
Dear Experts, can any one please explain me the what is the meaning of available and remaining balance columns in the light of balace carry forward from previous periods. Thanks, Sekhar.
-
Firefox will not correctly play any videos
Firefox 3.6.6 will not play any videos correctly. The audio is fine but the video is just blurry, colored smears. == URL of affected sites == http://www.youtube.com
-
Photoshop HTML Panel mit Button auf JSX
Hallo, ich habe aktuell noch ein Photoshop-Panel laufen, was mit dem Configurator erstellt wurde. In CC 2014 funktionieren die Flash-Panels nicht mehr. Also will ich das Panel in HTML umbauen, allerdings habe ich noch nicht rausgefunden, wie ich eine