Defect #3070
closed
Account in "protection" is not linked when assigned business role also assignes a group role
100%
Description
User in my environment had an account on a system SYS. He lost all roles for this system in the past. System SYS has "protection" set in the provisioning mapping so the account is never deleted. Now the user was moved to a new position which has an automatic business role that assignes a basic role R1 for this system SYS and also assignes roles R2 and R3 that assigns the user to groups in that system SYS. Roles R2 and R3 have the "Automatically create accounts" option set to false (and it can't be set to true for practical reasons).
The role request fails with this message:
java.lang.IllegalArgumentException: Dto lookup for dto type [class eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto] attribute [roleSystem] is not supported.
at eu.bcvsolutions.idm.core.model.service.impl.DefaultLookupService.lookupEmbeddedDto(DefaultLookupService.java:164)
at
Updated by Vladimír Kotýnek about 2 years ago
- Priority changed from Normal to High
Updated by Peter Štrunc about 2 years ago
- Status changed from New to Needs feedback
- Assignee changed from Peter Štrunc to Tomáš Doischer
- Target version set to 12.1.3
Fixed here https://github.com/bcvsolutions/CzechIdMng/pull/188.
I also did a small refactoring. @doischert would you please review it?
Updated by Tomáš Doischer about 2 years ago
- Assignee changed from Tomáš Doischer to Peter Štrunc
LGTM, merged to 12.1.3-RC1. Please, merge it to develop as well.
Just a minor note, the refactoring is great but it would be much easier to review this in two commits: 1) refactoring, 2) fix (or different order, doesn't matter).
Updated by Peter Štrunc about 2 years ago
- Status changed from Needs feedback to Closed
- % Done changed from 80 to 100
Also merged to develop here https://github.com/bcvsolutions/CzechIdMng/pull/208