Add info about account owner in the virtual request and notification
Please provide more information about the owner (identity) of the account in the virtual request detail.
Implementers now see only information about the account UID (always) and attributes of the account (only in Create/Update). But they sometimes want more information about owners - e.g. their contract validity, department, manager, ....
E.g. info card with a direct link to the identity would be helpful.
#7 Updated by Vít Švanda about 1 year ago
- File requests.png requests.png added
- File request-detail.png request-detail.png added
- File notification-vs-detail.png notification-vs-detail.png added
- Status changed from In Progress to Needs feedback
- Assignee changed from Vít Švanda to Radek Tomiška
- % Done changed from 50 to 90
I improved VS request for show target entity = owner of the account.
- Its implemented for all types what can be synchronized (Identity, Role, ...).
- Owner info card is shows on table of a VS requests (instead UID) and on the VS request detail.
- Email notification for show link on identity profil was also improved. This URL is implemented only for Identity!
#8 Updated by Alena Peterová about 1 year ago
Thanks for this awesome feature!
Just after more discussion with the team (sorry that there was no real discussion before I created this ticket), we need to have the column UID visible as well. The reason is, that some identities may have multiple logins and multiple virtual accounts, e.g. different for every contract. Then the UID and username of the identities are not the same and it would be chaotic for admins. So please don't hide the column UID from the requests list nor from the virtual request detail.
#9 Updated by Vladimír Kotýnek about 1 year ago
In many cases the login for the virtual system account is not the same as the IDM login. In some cases we use attributes like e-mail, userPrincipalName or special "outside-IDM-created" login for our virtual systems. UID in this case represents the actual identifier of the account on the system.
#10 Updated by Vít Švanda about 1 year ago
Ok, the UID column is showing again.
#11 Updated by Radek Tomiška about 1 year ago
- Status changed from Needs feedback to In Progress
- Assignee changed from Radek Tomiška to Vít Švanda
I did test and code review, feature works, thx!Review notes:
- I'm not sure loading related account end entity is good to ad into #toDto method:
- This method is called twice, when detail is shown by controller (get + permissions)
- This method is called four time, when request is approved by controller
- in table with 10 requests => 21 sql queries is called (this is just fact, context doesn't help from UI table - we need this data to be loaded)
- maybe context (~filter) can be used here (as eavs) to prevent load account and entity in internall calls => set context for UI only
- new column is not shown in next / previous unresolved request table on request detail - I'm not sure, if it's needed. It will be the same i hope so (if uid cannot be changed). If it's redundant, there context (~filter) can be used here too to prevent loading :)
- I'm not sure about security, but i hope is ok to read related entity (identity, role ...), when some request is on me and i basically cannot read e.g. identity agenda.
If answers to all questions / notes above are NO / NO MATTER, then this ticket can be closed :)