Proof of concept Employments and Positions + Projects in IDM Evolveum Midpoint 4.9.1
POC of a relationship between the User A and the User A employments as users and the User A positions as users.
Employments and Positions are created by resource, like Roles for Linked Object function, and like Users for Request Access
Projects are created by User A in his GUI
Full schema
What will work:
- Adding multiple jobs and positions for an main User from a single HR source
- Changing an employee's name on main User changes the name in employment, positions, accounts and logins
- Changing the name of the organization changes the name in employment, positions, accounts
- AD rights requested for a position are transferred to the employment if the position does not have its own AD account
- The main User can request rights to his employment and positions
- The boss can request rights to the positions of his subordinates
- The boss can create Projects in IDM Midpoint add/delete it roles and members
Storytelling
1. Obtaining data from the personnel resource, building information links and structure
2. Assigning roles, creating an AD account, implementing the concepts of Forward Roles and a nickname as a role
3. Requesting roles by main User to his employments and positions, a supervisor requesting roles for positions of his subordinates
4. Implementation of Project creation, management of their rights and participants in IDM Midpoint
Files from a configured and working Midpoint 4.9.1
Folder contents:
/manuals
/objects
- all files from IntelliJ IDEA Midpoint Studio plugin sync
/linux
- files from linux server
/opt/var/info
- all files used for CSV connector
/opt/var/schema
- additional attributes file
Data
| number_poce | type_poce | main_id | parent_id | members_poce | member_of_poce | name_poce | grade_poce | title_poce | department_poce | subordinate_to_poce | status_poce | info_01 | info_02 | info_03 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 20 | user | 602021 | EMP012033,EMP012999 | active | ||||||||||
| 21 | employment | EMP012033 | EMP001002 | 602021 | POS102202 | Основное | active | |||||||
| 22 | position | POS102202 | EMP012033 | Ревизорро | DEP20101 | active | default | |||||||
| 23 | position | POS102303 | EMP002004 | Главный Идеолог | DEP20101 | active | manager | |||||||
| 24 | employment | EMP012999 | EMP001002 | 602021 | Тестовое | disabled |
- Do not delete lines, disable it by putting "disabled" in status_poce
- In department_poce last part of org departments identifier "\DC\EMP001001\DEP10001\DEP10101"
- In info_03 if position is a manager of department put "manager"
Docker
Yes! In here IDM-Midpoint-POC-Employments-and-Positions/tree/main/Docker