Defect #1877: ExtrasIdmConceptRoleRequestService doesn't allow approve VsRequests - extras - IdStory Identity Manager

Actions

Copy link

Defect #1877

closed

ExtrasIdmConceptRoleRequestService doesn't allow approve VsRequests

Added by Ondřej Kopr about 5 years ago. Updated about 5 years ago.

Status:

Closed

Priority:

Urgent

Assignee:

Ondřej Kopr

Target version:

1.2.0

Start date:

09/26/2019

Due date:

% Done:

100%

Estimated time:

Affected versions:

Owner:

Description

Use case:

Realizator of VsRequests has new request for create/update/delete on system. After approve/dissaprove this request will be changed state of concept/s on target system. This isn't allowed because admin isn't guaratee of roles.

Stack trace:

2019-09-26 08:13:19.855  INFO 10257 --- [0.1-8009-exec-4] e.b.i.v.s.impl.DefaultVsRequestService   : Virtual system request [eu.bcvsolutions.idm.vs.dto.VsRequestDto [id=08136f48-f8e6-4510-a027-5855ab6d6a01]] was realized. Output UID attribute: [null]
2019-09-26 08:13:19.856  INFO 10257 --- [0.1-8009-exec-4] e.b.i.c.m.s.i.DefaultEntityEventManager  : Publishing event [RoleRequestEvent [type: REFRESH_SYSTEM_STATE, content: eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto [id=9930407b-cbb6-496d-b269-23163a0ce5b4], properties: {}]]
2019-09-26 08:13:19.860  INFO 10257 --- [0.1-8009-exec-4] e.b.i.c.a.e.AbstractEntityEventProcessor : Processor [acc-role-request-check-system-state-processor]([acc]) start for [RoleRequestEvent [type: REFRESH_SYSTEM_STATE, content: eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto [id=9930407b-cbb6-496d-b269-23163a0ce5b4], properties: {}]] with order [1000].
2019-09-26 08:13:20.049  WARN 10257 --- [0.1-8009-exec-4] e.b.i.c.a.e.AbstractEntityEventProcessor : [extras:IDENTITY_ROLE_CANNOT_BE_MODIFIED:fd590135-9917-4fa4-abb3-bbdf35e1a211] Role [********] cannot be modified, you are not guarantee of the role! ({role=********})

eu.bcvsolutions.idm.core.api.exception.ResultCodeException: Role [******] cannot be modified, you are not guarantee of the role!
        at eu.bcvsolutions.idm.extras.model.security.impl.ExtrasIdmConceptRoleRequestService.save(ExtrasIdmConceptRoleRequestService.java:113)
        at eu.bcvsolutions.idm.extras.model.security.impl.ExtrasIdmConceptRoleRequestService.save(ExtrasIdmConceptRoleRequestService.java:40)
        at eu.bcvsolutions.idm.extras.model.security.impl.ExtrasIdmConceptRoleRequestService$$FastClassBySpringCGLIB$$d15017be.invoke(<generated>)
        at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)

Please update this behavior and allow change only state of target system.

affected version: 1.1.0