Delegations
From AgileApps Support Wiki
This page lists the rules for delegating your own profile and those of your direct reports to a proxy user. A proxy user should be able to perform the same activities as his or her supervisor depending on the role(s) delegated to him or her.
Introduction
Proxy configuration feature enables a user to perform the following configurations:
- Manage Delegation – Manage Delegation enables a Principal User to delegate Principal User’s profile to a Delegate User to work on behalf of the Principal User.
- Principal User - User delegating the profile to a Delegate User.
- Delegate User - User receiving the delegation from a Principal User.
- Manage Delegation is available to the user only when Manage Delegation permission is enabled in the user’s Access Profile. If Manage Delegation option is enabled, the user can create and manage delegations. Principal Users having Manage Delegation permission can create delegation for themselves as well as for other users reporting to the Principal User. Users having administrative permissions can enable Manage Delegation option.
- Act as delegate - Act as delegate proxy option enables the user to accept delegations. Only the users with Act as delegate proxy option can be selected for a Delegate User. Users having administrative permissions can enable Act as delegate proxy option.
- Proxy Login – Proxy Login allows the Delegate User to log in as a delegation to the Principal User. In proxy mode, the Delegate User can see only the roles assigned in the configuration and perform actions confined to the assigned roles. The Delegate User can log in as a delegation as long as the proxy assignment or delegation is active. The Delegate User actions are recorded in the audit log as "Delegate User on behalf of Principal User Modified Subject from old value to new value”. A Delegate User cannot transfer a proxy assignment to another Delegate User.
- Custom Access Criteria – Custom Access Criteria allows the user to access and manage individual records based on the data in the record, characteristics of the current user or any other information. For more information, see Custom Access Criteria. The Delegate User can perform an action mentioned in Access Control only when the Custom Access Criteria permission is allowed. For example, loggedInUser.isDelegateeLogin is a new variable that allows the Delegate User to perform actions under Access Control in Custom Access Criteria.
Managing Delegation
- In the title bar, point to the logged-in user and click My Settings.
- In Personal Settings, click Delegations.
- To create a new delegation, click New Delegation.
- By default, Active checkbox is selected.
- Select the Principal User from the drop-down. The Principal User drop-down displays the users reporting to the logged-in user.
- Select the application from the drop-down. The Application drop-down displays the applications available to the Principal User.
- Click the search icon to select the Delegate User. Delegate Users displayed depend on the Application selected and Act as delegate option enabled.
- By default, Use the delegate’s Access Profile is selected. If this option is cleared, the delegate uses Principal User’s access profile.
- Click the search icon to select the Delegation Roles. This option is available only if Switch Roles option is enabled in Company Information. If Switch Roles option is disabled, all the roles of Principal User are available by default to the Delegate User.
- Click Save.
Acting as a Delegate User
- In the title bar, point to settings icon and click Access Management under Administration.
- In Access Management, click Users.
- Click any user in the Name column.
- Click Edit.
- Select Act as delegation proxy checkbox.
- Click Save.
To Proxy Login
- In the title bar, point to the logged-in user and click Become Delegate.
- Select the Principal User.
- Select Delegation Role.
- Click Submit
Web.xml changes required
Add the below code snippet before </web-app> tag of web.xml file under the path "$INSTALL_DIR/profiles/LJP/workspace/webapps/networking/WEB-INF/ <servlet> <servlet-name>delegateeLogin</servlet-name> <servlet-class>com.es.relationals.DelegateeLogin</servlet-class> </servlet> <servlet-mapping> <servlet-name>delegateeLogin</servlet-name> <url-pattern>/delegateeLogin</url-pattern> </servlet-mapping>