Project

General

Profile

Actions
Copy link

Defect #3361

closed

Missing "Requested for" in role approval task for tech. account

Added by David Štekl about 1 year ago. Updated 6 months ago.

Status:
Closed
Priority:
High
Assignee:
Peter Štrunc
Category:
Technical and other accounts
Target version:
13.0.6
Start date:
05/10/2023
Due date:
% Done:

100%

Estimated time:
Affected versions:
13.0.4
Owner:
Peter Štrunc

Description

Approval by manager:

Approval the role assignment by the guarantee:
the account name is displayed but the link is not working - /idm/#/account/undefined/detail

Approval the role assignment by security department
the account name is displayed but the link is not working

Files

Download all files
clipboard-202305101632-frkeh.png (59.3 KB) clipboard-202305101632-frkeh.png David Štekl, 05/10/2023 02:32 PM
clipboard-202305101642-hiywk.png (51.5 KB) clipboard-202305101642-hiywk.png David Štekl, 05/10/2023 02:42 PM
clipboard-202305101644-eqgzu.png (50.6 KB) clipboard-202305101644-eqgzu.png David Štekl, 05/10/2023 02:44 PM
approval_criticality_1_admin.png (22.6 KB) approval_criticality_1_admin.png Alena Peterová, 06/24/2023 08:56 PM
approval_by_manager_is_assigned_even_to_admin.png (19.7 KB) approval_by_manager_is_assigned_even_to_admin.png Alena Peterová, 06/24/2023 08:56 PM
Actions
Copy link
 #1

Updated by Peter Štrunc 12 months ago

  • Target version changed from 13.0.5 to 13.0.6
Actions
Copy link
 #2

Updated by Peter Štrunc 11 months ago

  • Status changed from New to In Progress
  • Assignee set to Peter Štrunc
  • Owner set to Peter Štrunc
Actions
Copy link
 #3

Updated by Peter Štrunc 11 months ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Peter Štrunc to Ondřej Kopr
  • % Done changed from 0 to 80

https://github.com/bcvsolutions/technical-accounts/pull/4

There were multiple issues:

  • Not displaying technical account info in requests was fixed in #3366
  • The link to an account was sometimes not correctly rendered. This is now fixed
  • Role approval for each role by criticality is now delegated to admin role holders in case no technical account guarantee is found. This previously resulted in error and inability to approve preceding role requests.

@kopro could you check it out, please?

Actions
Copy link
 #4

Updated by Alena Peterová 11 months ago

I tested it and I computing the managers for approval was sometimes incorrect. It depends on the permissions of the logged user, who approves the previous task. If they don't have read on technical account guarantors (or something like that), the approval task is created to super admins and not to the account's guarantor.
I think that it shouldn't depend on such permissions - could you please check it? @sourek

My setup:
  • Product "helpdeskRole" + added permissions: Technical account (TechnicalAccount) - View in select box (autocomplete) - BasePermissionEvaluator
  • idm.sec.core.wf.approval.helpdesk.enabled=true
    idm.sec.core.wf.approval.helpdesk.role=helpdeskRole
    idm.sec.core.wf.approval.manager.enabled=true
  • The requested role has criticality 1.
  • The technical account has some guarantor
  • Both tasks for managers were in some cases assigned to super admin(s)


Actions
Copy link
 #5

Updated by Peter Štrunc 11 months ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Peter Štrunc to Alena Peterová

Great catch! The issue was in the tech module so I did the fix in the #3361 ticket which deals with this stuff.

Actions
Copy link
 #6

Updated by Alena Peterová 11 months ago

  • Status changed from Needs feedback to Resolved
  • Assignee changed from Alena Peterová to Peter Štrunc
  • % Done changed from 80 to 100

It works well now, thanks.
I approved and even merged the pull request.

Actions
Copy link
 #7

Updated by Peter Štrunc 6 months ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF