Actions
Defect #3070
closed
Account in "protection" is not linked when assigned business role also assignes a group role
Start date:
03/09/2022
Due date:
% Done:
100%
Estimated time:
Affected versions:
Owner:
Description
User in my environment had an account on a system SYS. He lost all roles for this system in the past. System SYS has "protection" set in the provisioning mapping so the account is never deleted. Now the user was moved to a new position which has an automatic business role that assignes a basic role R1 for this system SYS and also assignes roles R2 and R3 that assigns the user to groups in that system SYS. Roles R2 and R3 have the "Automatically create accounts" option set to false (and it can't be set to true for practical reasons).
The role request fails with this message:
java.lang.IllegalArgumentException: Dto lookup for dto type [class eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto] attribute [roleSystem] is not supported.
at eu.bcvsolutions.idm.core.model.service.impl.DefaultLookupService.lookupEmbeddedDto(DefaultLookupService.java:164)
at
Actions