Defect #635: Automatic role approver needs ROLE_REQUEST_EXECUTE authority - IdStory Identity Manager

Actions

Copy link

Defect #635

closed

Automatic role approver needs ROLE_REQUEST_EXECUTE authority

Added by Jan Helbich over 6 years ago. Updated over 6 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Radek Tomiška

Category:

Roles

Target version:

Citrine (7.3.0)

Start date:

08/08/2017

Due date:

% Done:

100%

Estimated time:

Affected versions:

Owner:

Description

The approver of automatic role assignment to any node in organization structure needs ROLE_REQUEST_EXECUTE authority, otherwise the role assignment to users will fail on insufficient app privileges.
Exception is thrown in DefaultIdmRoleRequestService:210.

The problem here is that role request is made, but it deliberately fails on these privileges, which leads to broken role requests and automatic role assignment status.
In my opinion this is a bug, otherwise please provide a description of application privileges setup, ideally in as a documentation. Thanks!

History
Notes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

IdStory Identity Manager

Custom queries

Defect #635

Automatic role approver needs ROLE_REQUEST_EXECUTE authority

Updated by Radek Tomiška over 6 years ago

Updated by Vít Švanda over 6 years ago

Updated by Radek Tomiška over 6 years ago