Dear community,
I hope someone can help me with the following question.
Environment
One Identity Manager v9.0 CU1
API server-based web portal (Angular/HTML5)
Use Case
A specific AErole A is a defined manager role via AERole.UID_AERoleManager of another AERole B. A member X of the managing AErole A wants to remove a direct and assigned by order membership of a Member Y in AERole B.
So, X was in this case not the original requester of member Y in AERole B, but a designated manager of AERole B.
Issue
Removing a membership as described above seems not to be possible with an out-of-the-box setup.
When trying to so, I get the following error in web portal:
You cannot unsubscribe the following memberships because you are neither their requestor nor recipient. - Person Y
Question
Is it possible to allow membership removal for all AERole managers with origin “Assignment requests” with minor modifications either in the angular web portal config parameters or in the backend?
How to reproduce
- Open web portal and login as manager X
- Click on “One Identity Manager application roles” in the “My Responsibilities” section
- Click on “Edit” for AERole B
- Switch to the “Memberships” tab.
- “Secondary memberships” are displayed
- Select member Y (Origin: Asssignment request)
- Click “Remove”
- Error Message appears
