Kuali Rice Development
  1. Kuali Rice Development
  2. KULRICE-10439

AttributeSecurity hide attribute is not handled correctly

    Details

    • Type: Bug Fix Bug Fix
    • Status: Closed Closed
    • Priority: Critical Critical
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.4
    • Security Level: Public (Public: Anyone can view)
    • Labels:
      None
    • Similar issues:
      KULRICE-5339Finish integration with presentation controller/authorizer/AttributeSecurity checking KIM
      KULRICE-4442Person service does not handle extension objects properly
      KULRICE-10434modify BusinessObjectBase.toString to hide sensitive information
      KULRICE-4021CustomerTypeHamdler doesn't handle CustomerType Annoation correctly
      KULRICE-4243Responsibility document does not handle blank qualifier resolver correctly
      KULRICE-3179Document Configuration screen Show/Hide buttons not working correctly
      KULRICE-7637show inactive / hide inactive button on subtab is not working correctly.
      KULRICE-5168Handle Context Attributes BOs in ContextBoService
      KULRICE-10308Lookup: Check that masked fields are reset properly with "clear value"
      KULRICE-6414Label for collection field does not show/hide correctly with progressive disclosure or refresh
    • KRAD Feature Area:
      Inquiry
    • Sprint:
      2.4.0-m2 Sprint 2, 2.4.0-m2 KRAD Sprint 3
    • KAI Review Status:
      Not Required
    • KTI Review Status:
      Not Required
    • Code Review Status:
      Not Required
    • Include in Release Notes?:
      Yes

      Description

      In the KNS, you could hide an entire field in the Inquiry based on KIM permissions by adding AttributeSecurity to the DD

      <property name="attributeSecurity">
        <bean parent="AttributeSecurity" p:hide="true"/>
      </property>
      

      This would have the effect of removing the entire row (description and value) from the interface if a permission based on the KR-NS / View Inquiry or Maintenance Document Field template was not assigned to the current user. In KRAD, there are several issues that prevent this from working.

      • DataField.hasSecureValue incorrectly calls isHidden() to check for a secure field. Confirmed with Jerry that it should not do this.
      • The permissions are not consulted for AttributeSecurity.isHide. The field should only be displayed if a permission based on the KR-KRAD / View Field template is assigned to the current user.
      • KRAD does not completely eliminate this field from the interface. It only encrypts the value and shows the description. It needs to completely remove this from the interface, just as if the field had p:render="false" and p:hidden="true".

      I believe the additional check for AttributeSecurity should just be added to ViewAuthorizerBase.canViewField. Then, the p:render="false" and p:hidden="true" attributes will be set correctly. I will update the KNS2KRAD guide separately to reflect what this should be.

        Activity

        Kristina Taylor (Inactive) made changes -
        Field Original Value New Value
        Description In the KNS, you could hide an entire field in the Inquiry based on KIM permissions by adding {{AttributeSecurity}} to the DD

        {code}
        <property name="attributeSecurity">
          <bean parent="AttributeSecurity" p:hide="true"/>
        </property>
        {code}

        This would have the effect of removing the entire row (description and value) from the interface if a permission based on the KR-NS / View Inquiry or Maintenance Document Field template was not assigned to the current user. In KRAD, there are several issues that prevent this from working.

        * {{DataField.hasSecureValue}} incorrectly calls {{isHidden()}} to check for a secure field. Confirmed with Jerry that it should not do this.
        * The permissions are not consulted for {{AttributeSecurity.isHide}}. The field should only be displayed if a permission based on an available template is assigned to the current user. I believe the permission template should be KR-KRAD / View Field, but we may need to look into this further).
        * KRAD does not completely eliminate this field from the interface. It only encrypts the value and shows the description. We need to decide whether we should be exactly KNS equivalent or just hide and encrypt the value, leaving the description intact.
        In the KNS, you could hide an entire field in the Inquiry based on KIM permissions by adding {{AttributeSecurity}} to the DD

        {code}
        <property name="attributeSecurity">
          <bean parent="AttributeSecurity" p:hide="true"/>
        </property>
        {code}

        This would have the effect of removing the entire row (description and value) from the interface if a permission based on the KR-NS / View Inquiry or Maintenance Document Field template was not assigned to the current user. In KRAD, there are several issues that prevent this from working.

        * {{DataField.hasSecureValue}} incorrectly calls {{isHidden()}} to check for a secure field. Confirmed with Jerry that it should not do this.
        * The permissions are not consulted for {{AttributeSecurity.isHide}}. The field should only be displayed if a permission based on the KR-KRAD / View Field template is assigned to the current user.
        * KRAD does not completely eliminate this field from the interface. It only encrypts the value and shows the description. It needs to completely remove this from the interface, just as if the field had p:render="false" and p:hidden="true".

        I believe the additional check for {{AttributeSecurity}} should just be added to {{ViewAuthorizerBase.canViewField}}. Then, the p:render="false" and p:hidden="true" attributes will be set correctly. I will update the KNS2KRAD guide separately to reflect what this should be.
        Kristina Taylor (Inactive) made changes -
        Fix Version/s 2.4.0-m2 [ 17036 ]
        Fix Version/s 2.4 [ 16913 ]
        Kristina Taylor (Inactive) made changes -
        Fix Version/s 2.4.0-m3 [ 17037 ]
        Kristina Taylor (Inactive) made changes -
        Fix Version/s 2.4 [ 16913 ]
        Fix Version/s 2.4.0-m2 [ 17036 ]
        Fix Version/s 2.4.0-m3 [ 17037 ]
        Kristina Taylor (Inactive) made changes -
        Epic Link KULRICE-9439 [ 114708 ]
        Peter Giles (Inactive) made changes -
        Sprint 2.4.0-m2 Sprint 2 [ 63 ]
        Peter Giles (Inactive) made changes -
        Rank Ranked lower
        Peter Giles (Inactive) made changes -
        Assignee Kristina Taylor [ kbtaylor ]
        Kristina Taylor (Inactive) made changes -
        Status Open [ 1 ] In Progress [ 3 ]
        Jessica Coltrin (Inactive) made changes -
        Rank Ranked higher
        Jessica Coltrin (Inactive) made changes -
        Sprint 2.4.0-m2 Sprint 2 [ 63 ] 2.4.0-m2 Sprint 2, 2.4.0-m2 KRAD Sprint 3 [ 63, 76 ]
        Kristina Taylor (Inactive) made changes -
        Remaining Estimate 3 days [ 86400 ] 0 minutes [ 0 ]
        Time Spent 1 day, 6 hours [ 50400 ]
        Worklog Id 88469 [ 88469 ]
        Kristina Taylor (Inactive) made changes -
        Status In Progress [ 3 ] Resolved [ 5 ]
        Resolution Fixed [ 1 ]
        Jessica Coltrin (Inactive) made changes -
        Fix Version/s 2.4.0-m2 [ 17036 ]
        Jessica Coltrin (Inactive) made changes -
        Fix Version/s 2.4.0-m2 [ 17036 ]
        Jessica Coltrin (Inactive) made changes -
        Status Resolved [ 5 ] Closed [ 6 ]

          People

          • Assignee:
            Kristina Taylor (Inactive)
            Reporter:
            Kristina Taylor (Inactive)
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Time Tracking

              Estimated:
              Original Estimate - 3 days
              3d
              Remaining:
              Remaining Estimate - 0 minutes
              0m
              Logged:
              Time Spent - 1 day, 6 hours Time Not Required
              1d 6h

                Agile

                  Structure Helper Panel