Improvement "Rôles assignés" / "assigned-roles"

What is a one-sentence summary of your feature request?

Improvement to “Assigned Roles” / “assigned-roles”

Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.

We require several improvements regarding the “Assigned Roles” functionality:

1 - Make comments mandatory when removing a role (comments are already required for additions, but not for removals, yet we need them to track the rationale for such removals).
2 - When adding a role, allow searching for a beneficiary using a “Contains” mode instead of “Starts With” (it is more ergonomic to search for a person by their name, as our current internalDisplayName includes a prefix).
3 - Enable traceability of permissions at the role level rather than at the user level.
4 - Allow more granular AccessControlRules on scopes: Read, Modify, Add, Remove.
We need to restrict application managers to only viewing and removing permissions, while additions are managed by managers.

How do you currently solve the challenges you have by not having this feature?

Currently, we cannot make this functionality available to application managers as it does not fully meet our needs.
Without these enhancements, we will have to pursue a custom development solution.

Hi @olivier.moreau thanks for your submission. These are all great ideas to improve the use of this page. Can you please explain more what you are looking for with #3?

Thanks,
Kate

Hello,

During my tests, I was expecting to see in the Workflow monitoring screen the add/update/remove request made by this process.

To track this change in permissions, I have to go through the user’s permission cart screen.

Would it be possible to centralize these actions in the Workflow monitoring screen?

Or to have a screen that allows these changes to be tracked? (administrator/Governance view)