0 votes

Hello,

My "Employees" Security Role has the ability to write the 'Picture' property on Self only.
Employees are able to edit and delete their own picture, but I want to have managers approve the operation before this happens.

I've set up a business rule as below:

and applied it to all users. However, users are able to change their picture without any approval.

Is there some way for me to set up the Business Rule to require manager approval before changing the picture?

Thanks,
Dan

by (170 points)
0

Hello Dan,

The Business Rule looks good.

Make sure that the user who is changing the picture is not in the list of Approvers. If an Approver is trying to change the picture, then the action will be performed without any approval request.

Also, can you post a screenshot of the activity scope of your Business Rule?

0

This is the 'Employees' Security Role as well

0

Dan,

The activity scope of a Business Rule is shown below the actions and conditions of that Business Rule:

Can you post a screenshot of the activity scope of your Business Rule?

0

Well, that's embarrassing. I didn't have anything in that scope. I assigned it over all objects and now it's working. :oops:

Thanks for pointing that out.

1 Answer

0 votes
by (170 points)

Alright, new question:

This is the approval email that is sent when someone requests a picture change.

Is there a way to have a preview of the photo that is requested, instead of the hex code?

0

Dan,

Unfortunately, currently this is impossible. We will discuss this as a feature suggestion with our team.

0

Is there a location that the uploaded picture is stored, while it waits to be approved? I can't ask our managers to approve photos without being able to preview them before approving.

I tried creating a Business Rule action to send an email with the %thumbnailPhoto% field as part of the body, but unfortunately that returns only a very long string of characters (I assume the code of the photo itself, not any use)

Any help or suggestions you may have that could function as a workaround would be helpful.

Thanks,
Dan

0

Hello Dan,

We suggest the following workaround.

In your Business Rule that sends the operation for approval insert the Run a program or PowerShell script action before the Send this operation for approval action and paste the following script:

$thumbnailPhotoBytes = $Context.GetModifiedPropertyValue("thumbnailPhoto")

# Convert the photo to Base 64
$thumbnailPhotoBase64 = [System.Convert]::ToBase64String($thumbnailPhotoBytes)

$to = "jsmith@domain.com" # TODO: modify me
$subject = "My Subject"
$bodyText = $NULL
$bodyHtml = @"
The image of user %name% (%username%) will be changed to:<br />
<img src='data:image/jpg;base64,$thumbnailPhotoBase64' alt='User image'>
"@

$Context.SendMail($to, $subject, $bodyText, $bodyHtml)

The script will send the modified picture to the email address specified in the $to variable.

So, if you specify a manager's email in the script, he will actually receive 2 emails: one containing the image and sent by the script, and another one sent by the Send this operation for approval action.

0

That's perfect, and exactly what I was looking for. Thanks so much guys!

I implemented this code, and the email works. However, I get the following:

The red X shows up in place of the picture. I'm sure this is something small I'm missing. Any insight?

0

Hello Dan,

What is the version of your Internet Explorer?

0

The server is running IE8, and my workstation is on IE9.

All machines in the company are on at least IE8.

The server running Adaxes is 2008R2.

0

Hello Dan,

This is because Microsoft Outlook does not recognize attachments placed inline of an html message. Our script guy is working on a some sort of workaround for this issue, we'll update you as soon as he comes up with some solution.

0

Sounds good, thanks.

0

Hello Dan,

Here's a modified script:

$smtpServer = "smtp.myserver.com" #TODO: modify me
$to = "user@example.com" #TODO: modify me

# Create an instance of the MailMessage class
$msg = New-Object Net.Mail.MailMessage
$msg.Subject = "My subject"
$msg.From = "nobody@localhost"
$msg.To.Add($to)

$html = {
<html>
  <head>
  <head>
  <body>
    The image of user %name% (%username%) will be changed to:<br />
    <img src='cid:photo' alt='photo'/>                              
  </body>
</html>
}
$view = [Net.Mail.AlternateView]::CreateAlternateViewFromString($html, $null, "text/html");
 # Create attachment
$thumbnailPhotoBytes = $Context.GetModifiedPropertyValue("thumbnailPhoto")
$stream = New-Object System.IO.MemoryStream @(,$thumbnailPhotoBytes)
$linkedResource = New-Object Net.Mail.LinkedResource($stream)
$linkedResource.ContentId = "photo"
$view.LinkedResources.Add($linkedResource)
$msg.AlternateViews.Add($view)

$smtp = New-Object Net.Mail.SmtpClient($smtpServer)
$smtp.Send($msg)

$linkedResource.Dispose()
$stream.Dispose()
0

That works perfectly! Thanks guys, I appreciate the responses and code.

Related questions

0 votes
1 answer

Adaxes seems to want to use the Manager field to specify who gets approval confirmation emails. What do you do about a user without a manager, such as the CEO? Let's assume they're not tech saavy, and the IT department needs to confirm their requests.

asked Feb 10, 2020 by Liam (20 points)
0 votes
1 answer

Hello Adaxes Team You have already helped me to send an approval to the manager of a user. https://www.adaxes.com/questions/12406/send-approval-request-to-manager- ... to a group, DivManager1 should receive the approval request. thank you and greetings pudong

asked Jul 11, 2022 by pudong (680 points)
0 votes
1 answer

Hello I need some help to implement the following task: In a business rule "Before adding a member to a group" an approval should be sent to the manager of the member who will be added to the group. Do you have an example for this? Thanks and greetings Pudong

asked Jun 14, 2022 by pudong (680 points)
0 votes
1 answer

Hi again Adaxes aleardy propose to submit action to requestor manager. I would find very usefull to submit action to object manager : if a want to modify a user object, the approval would be sent to user's manager. Does it make sense ? Thanks

asked Jun 1, 2011 by sroux (800 points)
0 votes
0 answers

Here is an example: In Azure the manager shows populated: In Adaxes it shows a blank:

asked Dec 2, 2022 by adaxes_user2 (40 points)
3,538 questions
3,229 answers
8,222 comments
547,739 users