Task #775
closed
Missing Identifier in the attribute mapping for provisioning, error during roles request
100%
Description
Affects version: 7.5.0
When there is no attribute marked as "Identifier" in the attributes mapping for provisioning, I can't request for the role which assigns this system. The role request results in the error, which doesn't tell me anything:
org.springframework.transaction.TransactionSystemException: Could not commit JPA transaction; nested exception is javax.persistence.RollbackException: Transaction marked as rollbackOnly
Only after I got to the catalina.out, I found out that
DefaultIdmRoleRequestService : UID attribute (mapped attribute marked as 'Is identifier') was not found for system LDAP. UID attribute is mandatory for provisioning/sync!So please make it more user-friendly:
- When configuring the provisioning mapping, warn me if Identifier is not there yet
When the role request is not successful, show the real cause in the logthis is already in progress in #480
Updated by Alena Peterová about 7 years ago
Just note: I didn't mark any attribute as Identifier, but I expected that the identifier would be "__NAME__" by default.
Since it wasn't written in the admin guide (I added it) and I didn't have access to catalina.out, it took me quite some time to find out the problem.
Updated by Marcel Poul about 7 years ago
+ maybe do not allow to add the scheme that does not have an identificator, to the role. At least pop up warning...
Updated by Vít Švanda about 7 years ago
- Assignee set to Patrik Stloukal
- Target version set to Forsterite (7.6.0)
Updated by Patrik Stloukal about 7 years ago
intoduction to problem, studium implementation of similar solution
Updated by Patrik Stloukal about 7 years ago
modified service, controller, added new exception for validation attributes (backend)
working on mapping and service (frontend)
Updated by Patrik Stloukal about 7 years ago
- Status changed from New to In Progress
almost completed frontend
todo: do not run validate() if isNew()
questionmark - explaining situation
Updated by Patrik Stloukal about 7 years ago
- Status changed from In Progress to Needs feedback
- Assignee changed from Patrik Stloukal to Vít Švanda
- % Done changed from 0 to 90
added info message ( question mark not added - there isn't localization)
fixed assertNotNull -> dont call method if component is new
please look on functionality, I added aditional info into new alert level info, so look if its ok.
commit:
https://github.com/bcvsolutions/CzechIdMng/commit/55f4e200f0c34b37fa8655a8e45246aae5c166ca
Updated by Vít Švanda about 7 years ago
- Status changed from Needs feedback to In Progress
- Assignee changed from Vít Švanda to Patrik Stloukal
- % Done changed from 90 to 70
I did review. Basically works, but I found some issues:
- SysSystemMappingController - Method validate is not secured (@PreAuthorize("hasAuthority('" + AccGroupPermission.SYSTEM_READ + "')")).
- Test (on BE) for SysSystemMappingService.validate missing.
- Design:
- Warning message move up (under main title).
- Use span 12.
- Merge the warning and info message to only one.
- JavaDoc is "hard coded" for validate missing identifier only. We want the universal validation.
- Method on FE: "showMissingIdentifier" is "hard coded" for validate missing identifier only. We want the universal validation.
- Method "showMissingIdentifier" should be "private", use prefix "_".
- Description and author is missing in "ValidationMessageSystemMapping".
- Error code "SYSTEM_MAPPING_VALIDATION" is not translated. Look to the message history.
- Show validation message dependent on the exception parameter not by exception name (ValidationMessageSystemMapping).
- FE: check on empty response should be 204 not 200.
- SysSystemMappingController - validate method should be return empty response (204).
- Use "Basic.Col" instead "<div col-col-lg-6".
- Beware on code formating:
<div className="col-lg-6 no-border last"> <ValidationMessageSystemMapping error={validationError} /> </div>
Updated by Vít Švanda about 7 years ago
Theme for next useful validation: Sync mapping for contracts - must exist some mapped attribute with "entityAttribute=true" and "idmPropertyName=identity".
Updated by Patrik Stloukal about 7 years ago
- % Done changed from 70 to 80
resolving isues from feedback,
completed another validation (Sync mapping for contracts - must exist some mapped attribute with "entityAttribute=true" and "idmPropertyName=identity")
todo:
Error code "SYSTEM_MAPPING_VALIDATION" is not translated. Look to the message history.
Updated by Patrik Stloukal about 7 years ago
- Status changed from In Progress to Needs feedback
- Assignee changed from Patrik Stloukal to Vít Švanda
- % Done changed from 80 to 90
issues from feedback resolved, error message localizated, but idm looks into core localization
please look into that and my implemented validation.
commit:
https://github.com/bcvsolutions/CzechIdMng/commit/f5aa40cfcdb8fcee68892d573aa17d015e1487ee
Updated by Patrik Stloukal about 7 years ago
resolved localization issue
commit https://github.com/bcvsolutions/CzechIdMng/commit/5bc182a42b02be4a8d1a0cfc02a42cbfbfe3be8f
Updated by Vít Švanda about 7 years ago
- Status changed from Needs feedback to In Progress
- Assignee changed from Vít Švanda to Patrik Stloukal
Issues:
- DefaultSysSystemMappingService.validate : * Validation for missing owner must works only for contract mapping, not for all! * "identity" string should be a constant. * Variable "isError" is implemented as noError ... it is confusing. This variable is not global for all validations but only for every validation. * ValidationMessageSystemMapping - should be more dynamic. It is not necessary have dependency for every validation keys. * Localization of validation messages can be split to info and message part.
Updated by Patrik Stloukal about 7 years ago
- Status changed from In Progress to Needs feedback
- Assignee changed from Patrik Stloukal to Vít Švanda
so I resolved issues from last time and I hope, you can write feedback, please.
commit:
https://github.com/bcvsolutions/CzechIdMng/commit/a5082b76a31a64cff3b68e90dd6bcd83e71ebe61
Updated by Vít Švanda about 7 years ago
- Status changed from Needs feedback to Resolved
- Assignee changed from Vít Švanda to Patrik Stloukal
- % Done changed from 90 to 100
I tested it and did review. Works correctly.
I fixed minor issues and not working test "testSystemMappingValidationSynchronizationMissingOwner";