...
The MassMaintenancePersonManagementRoleWF workflow has been enhanced to support additional parameters in CSV uploads for managing role memberships. The new fields include ValidFrom, ValidTo, and Justification. The ValidFrom and ValidTo fields manage time constraints, while the Justification field will be recorded in the audit log for both the management role and the person. Existing fields such as the management role name, person login or GUID, and action type (Add or Delete/Remove) are were already incorporated.
The OnboardAzLocalRole workflow has been enhanced to include the capability to set the PBAC Approval Right with a dropdown menu on the form. This enhancement provides additional functionality and better visibility options for PBAC Approval Rights.
Multiple UX functionality has been introduced for the ManageApplicationWizard. The "Pbac App" checkbox and its associated controls have been removed from the form. The description field has been updated to a multiline format. Help text has been added for the authorization model and checkboxes. Additionally, the "Cancel" button has been renamed to "Back," and issues with "Back" and "Next" steps have been fixed. The "Edit App Settings" list data item value has been renamed to "Edit Application Settings." Missing labels, including those for managing application settings, rights, roles, and help texts, have been added. Future updates will include protecting specific fields (Display Name, Description, App Authorization Model, Allow Role Definition Assignment, Allow Local Right Assignment, Allow Management Role Assignment, and System Identifier) with View & Edit operations for certain personas and adding a new "Advanced" tab with an editable SystemIdentifier field.
New functionality has been added to the ManageAzLocalRoleWizard workflow:
New Action: Added “Edit Role Definitions Settings” to Multi Actions with a disclaimer indicating that changes affect all selected role definitions.
PBAC Approval Right: Added a dropdown similar to the OnboardAzLocalRight workflow, with changes applied only upon selection.
Visibility Control: Introduced “Multi_PBACApprovalRight_IsVisible” to control field visibility in multi-action cases.
Field Population: Ensured that selected AzLocalRightID was populated in the “AzLocalRole” table’s “ApprovalAzLocalRightID” column.
Single Action: Added “Edit Role Definition Settings” to Single Actions, including a form to edit Name, Friendly Name, Description, Instructions, and PBAC Approval Right dropdown.
New Menu Items: Added new items for both Multi Actions and Single Actions in the ManageAzLocalRoleWizard.
Included changes from Manage IAM shop multi-settings and a bug fix related to the approval flow policy.
Multiple enhancements have been introduced in the ManageAzLocalRightWizard workflow:
Local Right Settings for Multiple Selection: Added the capability to configure local right settings when multiple rights are selected simultaneously.
Edit Owners and Deputies for Multiple Rights: The wizard now includes the option to edit owners and deputies for multiple local rights.
EnforceFieldTypeSelection: Added the
EnforceFieldTypeSelectionfield for both single and multiple selection scenarios.Deprecation of "Assign Responsible Party": Deprecated the "Assign Responsible Party" action for multi-selection, streamlining the process.
These updates enhance the flexibility and functionality of the ManageAzLocalRightWizard, allowing for more efficient management of local rights.
...