Defect #2842
closed
Audit displays misleading warning for a unique role attribute, can't edit already assigned role
100%
Description
Tested on 11.0
Our role has one role attribute, which has to be unique. The role also assigns a system.
During assigning the role to a user, the validation works great - non-unique value can't be saved, unique value can be saved.
After the role is correctly assigned, the form in Audit -> Request for roles displays the message that the value is not unique, even if it is unique. (This is displayed when "Show changes only" is active.)
This was confusing especially when we had a problem in the provisioning, because then the role request displays a failure. This failure is not connected to the unique attribute, but it looks like it is, see below:
Files
Related issues
Updated by Vít Švanda over 3 years ago
- Target version set to 11.1.0
I understand the confusion, but the request tells the truth. The value already exists in an identity-role. Here I suggest turning off validation when the request/concept is resolved/terminated.
Updated by Vít Švanda over 3 years ago
- Assignee changed from Radek Tomiška to Vít Švanda
Updated by Vít Švanda over 3 years ago
- Assignee changed from Vít Švanda to Ondrej Husník
Updated by Alena Peterová over 3 years ago
- Priority changed from Low to Normal
This was reported by our customer just now, so increasing priority.
Updated by Alena Peterová over 3 years ago
- File role_attribute_unique.png role_attribute_unique.png added
- Subject changed from Audit displays misleading warning for a unique role attribute to Audit displays misleading warning for a unique role attribute, can't edit already assigned role
Use case:
The role is assigned to the user with some unique value. I want to edit:
- validity of the role (see the screenshot below)
- value of some other attribute of the same role (not on the screenshot)
But the form doesn't let me save it.
Updated by Vít Švanda over 3 years ago
- Status changed from New to In Progress
- Assignee changed from Ondrej Husník to Vít Švanda
Updated by Vít Švanda over 3 years ago
- % Done changed from 0 to 70
This was surprisingly hard to solve.
Concept validation was done correctly against idenity-roles. The mechanism for skipping unique validation for itself was not working correctly in a situation where the concept was validated. In this case, the id of the value was not the id of the identity-role as the mechanism in formService needs.
Simply changing the id was not possible because the concept value must have a unique id.
I solved this problem by using a combination of: skipping validation, transforming the concept value ID to the identity-role value ID, and checking the state of the concept.
Commit: https://github.com/bcvsolutions/CzechIdMng/commit/081a3d5a8a88dd63fd4a821d8a149ab3a82569c1
Test remains.
Updated by Vít Švanda over 3 years ago
- Status changed from In Progress to Needs feedback
- Assignee changed from Vít Švanda to Radek Tomiška
- % Done changed from 70 to 90
Test implemented here: https://github.com/bcvsolutions/CzechIdMng/commit/324dd23c23c5765d57d5093a47538dafeb393216
Updated by Radek Tomiška over 3 years ago
- Status changed from Needs feedback to Closed
- Assignee changed from Radek Tomiška to Vít Švanda
- % Done changed from 90 to 100
I did test and code review, it works, thx!
Updated by Radek Tomiška about 3 years ago
- Related to Defect #2980: Can't edit already assigned role with unique role attribute added