Project

General

Profile

Actions

Defect #1785

closed

Report Eav attribute - missign security

Added by Radek Tomiška over 5 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
High
Assignee:
Marek Klement
Category:
Report
Target version:
Start date:
08/07/2019
Due date:
% Done:

100%

Estimated time:
1.00 h
Affected versions:
Owner:

Description

Eav values are loaded without prermissions => identity with no access to eav value could read it by this report:
https://github.com/bcvsolutions/CzechIdMng/blob/298c10688093760b59c5a28ea953a97899817be5/Realization/backend/rpt/rpt-impl/src/main/java/eu/bcvsolutions/idm/rpt/report/identity/IdentityEavReportExecutor.java#L156

Add appropriate permissions - depends on eav security configuration, see identity controller for inspiration.

Note: I've fixed some of issues reported from sonar in commit (exception usage, hash map usage, forgotten warnings ...):
https://github.com/bcvsolutions/CzechIdMng/commit/298c10688093760b59c5a28ea953a97899817be5

@affected version 9.7.2


Related issues

Related to IdStory Identity Manager - Task #1738: Report Eav attributeClosedMarek Klement07/03/2019

Actions
Actions #1

Updated by Radek Tomiška over 5 years ago

  • Related to Task #1738: Report Eav attribute added
Actions #2

Updated by Radek Tomiška over 5 years ago

  • Description updated (diff)
Actions #3

Updated by Vít Švanda over 5 years ago

  • Target version changed from Rhyolite (9.7.3) to Rhyolite (9.7.5)
Actions #4

Updated by Marek Klement over 5 years ago

  • Status changed from New to Needs feedback
  • Assignee changed from Marek Klement to Radek Tomiška
  • % Done changed from 0 to 50

I fixed the issue and added permissions. Also, the test was created.

Branch: klementm/1785-report-eav-add-policy

Actions #5

Updated by Radek Tomiška over 5 years ago

  • Status changed from Needs feedback to In Progress
  • Assignee changed from Radek Tomiška to Marek Klement
Actions #6

Updated by Marek Klement over 5 years ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Marek Klement to Radek Tomiška
  • % Done changed from 50 to 60

Fixed some issues with configuration.

Actions #7

Updated by Radek Tomiška over 5 years ago

  • Status changed from Needs feedback to In Progress
  • Assignee changed from Radek Tomiška to Marek Klement
Actions #8

Updated by Radek Tomiška over 5 years ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Marek Klement to Radek Tomiška
Actions #9

Updated by Radek Tomiška over 5 years ago

  • Status changed from Needs feedback to Closed
  • Assignee changed from Radek Tomiška to Marek Klement
  • % Done changed from 60 to 100

I did test and review, it works, thx!

Actions

Also available in: Atom PDF