Defect #511
closed
Can delete account with protected mode turned on
100%
Description
It is possible to delete account with protected mode on by deleting entity on system.
Situation:
I have identity A with account on system S, mappings for AccAccount (has uid=XYZ) and SysSystemEntity (has uid=whatever) exist and are valid.
Now Systems -> my system S -> Accounts -> check account XYZ -> Delete ==>> account on target system gets deleted, even though it should get into protected state.
Another issue I have encountered: I've somehow synchronized and paired accounts and identities, but SysSystemEntity link has not been created. The system has protected mode enabled.
Trying to delete the identity account (Users -> MyIdentity -> Accounts -> select and delete) fails and throws following exception into logs:
java.lang.IllegalArgumentException: SystemEntity cannot be null!
at org.springframework.util.Assert.notNull(Assert.java:115)
at eu.bcvsolutions.idm.acc.service.impl.DefaultSysSystemMappingService.isEnabledProtection(DefaultSysSystemMappingService.java:116)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
.............
Updated by Vít Švanda almost 7 years ago
- Status changed from New to Closed
- % Done changed from 0 to 100
- After consultation with Zdenek, is this behavior OK.
Documentation was extended for:
You can manually delete an account (AccAccount) even if the system is marked as protected. Deletions can be performed over accounts that are not in the protected interval (ie, they are not "Protected" or not valid).
- Problem with SystemEntity non-existence, we were unable to simulate.