On 11/10/2014 11:55, Suresh Ajja wrote:
Hi,
Thanks for the pointer.
We did trial and error with entitlements for the Approver role.
We found that unless and until we gave Security_Question_XXX (CRUD)
entitlements to the approver role, the approver is not able to view
the user details while approving the request.
This should be termed a bug, as the approver should have just
USER_READ entitlement to view the user details, SECURITY_QUESTION_XX
are not required as such for approval.
Agree: could you please open an issue on
https://issues.apache.org/jira/browse/SYNCOPE ?
Set component 'console', affects-version 1.2.0 and fix-for-versions
1.2.1 / 1.3.0, thanks.
Regards.
On Sat, Oct 11, 2014 at 11:17 AM, Francesco Chicchiriccò
<[email protected] <mailto:[email protected]>> wrote:
On 10/10/2014 11:12, Suresh Ajja wrote:
hi,
We are running 1.2.0 Syncope
The scenario run is as below:
a. Anonymous user creates a user_create request through self
registration
b. It goes to the Approver for approval.
Approver clicks on Edit User to view the user details for making
an approval decision.
Error displays as attached.
c. The same when Admin logs in and tries to view user details, he
is able to view without any error.
Below are the entitlements provided to Approver:
USER_LIST,ROLE_101,WORKFLOW_FORM_CLAIM,USER_VIEW,USER_READ,ROLE_200,WORKFLOW_FORM_READ,WORKFLOW_FORM_SUBMIT,USER_CREATE,ROLE_102,WORKFLOW_FORM_LIST,USER_UPDATE
Are we missing any entitlement to Approver, for him to view user
details while approving.
Hi Suresh,
I think you're heading in the right direction, there should be
some missing entitlement.
I won't probably be able to give a try to your scenario for the
next days: could you please take a look at the exceptions in the
core-rest.log file? There should be something more useful there.
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Involved at The Apache Software Foundation:
member, Syncope PMC chair, Cocoon PMC, Olingo PMC
http://people.apache.org/~ilgrosso/
