Project

General

Profile

Actions

Defect #2842

closed

Audit displays misleading warning for a unique role attribute, can't edit already assigned role

Added by Alena Peterová over 3 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Vít Švanda
Category:
Roles
Target version:
Start date:
05/31/2021
Due date:
% Done:

100%

Estimated time:
Affected versions:
Owner:

Description

Tested on 11.0
Our role has one role attribute, which has to be unique. The role also assigns a system.
During assigning the role to a user, the validation works great - non-unique value can't be saved, unique value can be saved.
After the role is correctly assigned, the form in Audit -> Request for roles displays the message that the value is not unique, even if it is unique. (This is displayed when "Show changes only" is active.)

This was confusing especially when we had a problem in the provisioning, because then the role request displays a failure. This failure is not connected to the unique attribute, but it looks like it is, see below:


Files

role_attr_value.png (36.1 KB) role_attr_value.png Alena Peterová, 05/31/2021 11:19 AM
unique_role_attribute.png (87.2 KB) unique_role_attribute.png Alena Peterová, 05/31/2021 11:24 AM
role_attribute_unique.png (85.4 KB) role_attribute_unique.png Alena Peterová, 06/25/2021 04:38 PM

Related issues

Related to IdStory Identity Manager - Defect #2980: Can't edit already assigned role with unique role attributeClosedVít Švanda10/14/2021

Actions
Actions #1

Updated by Alena Peterová over 3 years ago

  • Description updated (diff)
Actions #2

Updated by Vít Švanda over 3 years ago

  • Target version set to 11.1.0

I understand the confusion, but the request tells the truth. The value already exists in an identity-role. Here I suggest turning off validation when the request/concept is resolved/terminated.

Actions #3

Updated by Vít Švanda over 3 years ago

  • Assignee changed from Radek Tomiška to Vít Švanda
Actions #4

Updated by Vít Švanda over 3 years ago

  • Assignee changed from Vít Švanda to Ondrej Husník
Actions #5

Updated by Alena Peterová over 3 years ago

  • Priority changed from Low to Normal

This was reported by our customer just now, so increasing priority.

Actions #6

Updated by Alena Peterová over 3 years ago

I found out that I can't edit the already assigned role, which has a unique attribute.
Use case:
The role is assigned to the user with some unique value. I want to edit:
  • validity of the role (see the screenshot below)
  • value of some other attribute of the same role (not on the screenshot)
    But the form doesn't let me save it.
Actions #7

Updated by Vít Švanda over 3 years ago

  • Status changed from New to In Progress
  • Assignee changed from Ondrej Husník to Vít Švanda
Actions #8

Updated by Vít Švanda over 3 years ago

  • % Done changed from 0 to 70

This was surprisingly hard to solve.
Concept validation was done correctly against idenity-roles. The mechanism for skipping unique validation for itself was not working correctly in a situation where the concept was validated. In this case, the id of the value was not the id of the identity-role as the mechanism in formService needs.
Simply changing the id was not possible because the concept value must have a unique id.

I solved this problem by using a combination of: skipping validation, transforming the concept value ID to the identity-role value ID, and checking the state of the concept.

Commit: https://github.com/bcvsolutions/CzechIdMng/commit/081a3d5a8a88dd63fd4a821d8a149ab3a82569c1

Test remains.

Actions #9

Updated by Vít Švanda over 3 years ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Vít Švanda to Radek Tomiška
  • % Done changed from 70 to 90
Actions #10

Updated by Vít Švanda over 3 years ago

  • Category changed from Frontend to Roles
Actions #11

Updated by Radek Tomiška over 3 years ago

  • Status changed from Needs feedback to Closed
  • Assignee changed from Radek Tomiška to Vít Švanda
  • % Done changed from 90 to 100

I did test and code review, it works, thx!

Actions #12

Updated by Radek Tomiška about 3 years ago

  • Related to Defect #2980: Can't edit already assigned role with unique role attribute added
Actions

Also available in: Atom PDF