Task #2384
closed
Manager is not allowed to edit identity right after it's created
0%
Description
@10.4.1
When I create a new identity via projections as a manager with rights to create identity, this manager is set as a manager/guarantor of the created identity's contract (custom processor). After saving the new identity the manager is redirected to the projection form of the new identity but the attributes he should have right to edit are disabled (read-only). When I click on "Users" and open the detail of this user I don't see the "Show full detail" button. After about a minute from the new identity's creation or after re-login I can edit them.
This might be caused by caching of user permissions #2366 in core:permission-cache
Updated by Vít Švanda over 4 years ago
- Status changed from New to Needs feedback
- Assignee changed from Vít Švanda to Peter Štrunc
- Target version set to 10.5.0
It seems to me from the description that it behaves is correct: permissions are cached for the user.
Do I understand correctly that within the project, after creating a new identity, you modify contracts (set up a manager)? If this is the case and you need to have permissions evaluated immediately, then you need to add evic of the cache for that identity to the processor that is making the change.
Something like this:// evict authorization manager caches for token identity only
cacheManager.evictValue(AuthorizationManager.PERMISSION_CACHE_NAME, identityId);
Updated by Vladimír Kotýnek over 4 years ago
We've used this fix on our project and it worked. Thank you very much!
Updated by Vít Švanda over 4 years ago
- Tracker changed from Defect to Task
- Status changed from Needs feedback to Resolved
- Assignee changed from Peter Štrunc to Vít Švanda
- Priority changed from High to Low
Updated by Radek Tomiška over 4 years ago
- Status changed from Resolved to Closed