Defect #2567
closed
Automatic role by EAV is not assigned when setting the EAV together with entity (e.g. through form projection)
100%
Description
Steps to reproduce:
- Create an automatic role by attribute for some EAV of identity
- Create a form projection containing this EAV attribute
- Create an identity with this form projection
- Set the EAV attribute to the value which should assign the automatic role
- The automatic role by attribute is not assigned
Note: When the automatic role is set to standard identity attribute, it is assigned correctly. Also automatic roles by organization are correctly assigned.
Related issues
Updated by Vít Švanda over 3 years ago
- Assignee changed from Ondřej Kopr to Radek Tomiška
Updated by Radek Tomiška over 3 years ago
- Related to Task #2248: Synchronization: save extended attribute values together with entity added
Updated by Radek Tomiška over 3 years ago
- Related to Task #1267: Support save EAV with Entity added
Updated by Radek Tomiška over 3 years ago
- Related to Task #2105: Dynamic form for identities added
Updated by Radek Tomiška over 3 years ago
- Priority changed from Normal to High
- Target version set to 10.6.3
- Affected versions Morganite (9.2.0), 10.2.0, 10.5.0 added
- Affected versions deleted (
10.6.1)
The issue is there from version 9.2.0 - identity and contract can be saved together with eav values, this event is not handled in automatic roles by attribute processors properly.
This feature is used where is needed, but mainly in projection (@since 10.2.0), scim (@since 2.1.0 => 10.2.0)
Updated by Radek Tomiška over 3 years ago
- Affected versions deleted (
10.5.0)
I did test for assign automatic roles from synchronization - it works thx automatic roles are skipped for the first time (~from event, when entity is saved) and all is recalculated after synchronization ends (by synchronization setting or as dependent scheduled task).
So it affects projections in product mainly.
Updated by Radek Tomiška over 3 years ago
- Status changed from New to In Progress
Updated by Radek Tomiška over 3 years ago
- Subject changed from Automatic role by EAV is not assigned when setting the EAV through form projection to Automatic role by EAV is not assigned when setting the EAV together with entity (e.g. through form projection)
Updated by Radek Tomiška over 3 years ago
- Status changed from In Progress to Needs feedback
- Assignee changed from Radek Tomiška to Vít Švanda
- % Done changed from 0 to 90
I fixed assign automatic roles by attribute, when entity is saved together with eav attributes.
Commit:
https://github.com/bcvsolutions/CzechIdMng/commit/e7778218b93e1a81c067e56de0b3506cfb95d5cd
Could you provide me a feedback, please?
Updated by Vít Švanda over 3 years ago
- Status changed from Needs feedback to In Progress
- Assignee changed from Vít Švanda to Radek Tomiška
I did review and tested it. Works fine. In the code I found only one thing: In AutomaticRoleAttributeRuleType can be AutomaticRoleAttributeRuleType null now. It means the IdmAutomaticRoleFilter will return all rules for CONTRACT/EAV too. It looks useless, but may be I missed something (If yes, please close this ticket).
Updated by Radek Tomiška over 3 years ago
- Status changed from In Progress to Closed
- % Done changed from 90 to 100
Thx for feedback! Null AutomaticRoleAttributeRuleType is the main part of this fix - automatic roles for identity is skipped in projection and all automatic roles are evaluated, when automatic roles for contract are evaluated (null = IDENTITY + IDENTITY_EAV + CONTRACT + CONTRACT_EAV). When projection is saved, then identity and contract can have eavs defined and all rules are effective.
I've added integration test to acc synchronization with automatic roles configured:
https://github.com/bcvsolutions/CzechIdMng/commit/bfc7c5e44eb86f24d5bbab331dc94ce1e3d1ebeb
Updated by Radek Tomiška over 3 years ago
- Related to Defect #2605: Automatic role by attribute generates duplicate role requests and assignes subroles directly added
Updated by Radek Tomiška over 3 years ago
- Related to deleted (Defect #2605: Automatic role by attribute generates duplicate role requests and assignes subroles directly)