Kuali Rice Development
  1. Kuali Rice Development
  2. KULRICE-2615

Set up Action List Help Desk and Document Search Security group to use the Default permission template instead of custom permission templates

    Details

    • Type: Improvement Improvement
    • Status: Closed Closed
    • Priority: Critical Critical
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.0
    • Component/s: Database, Development
    • Labels:
      None
    • Similar issues:
      KULRICE-2564Hook up Action List help desk login to KIM
      KULRICE-2565Help Desk action list login is not showing up on Action List
      KULRICE-14220Implement authorization checks on api endpoints for groups, action list, and document search
      KULRICE-10868Document the security/permission document type configuration
      KULRICE-6826Role Lookup throws SQLException when using non-role (Permission, Group, Permission Template, Responsibility, Responsibility Template) criteria
      KULRICE-12471Need to add support in code to use the KR-KRAD namespace permissions instead of the KNS namespace permissions
      KULRICE-6998"Template Id" field on the Permission maintenance document should be a drop-down menu instead of a text field
      KULRICE-2405create Permission Lookup & Inquiry
      KULRICE-2569Hook up Document Search "admin" functionality to KIM
      KULRICE-8245pressing enter when entering "help desk action list login" has confusing behavior
    • Rice Module:
      KEW

      Description

      As per discussion with Ailish on how best to model these permissions in KIM. Will require usage of IDMService.isAuthorized instead of IDMService.isAuthorizedByTemplateName

        Activity

        Hide
        Eric Westfall added a comment -

        Ailish set this up, I need to update in the Rice database which I haven't done yet and update the permission check code accordingly:

        i went and and added now. cause id never created any of these. i gave to kr tech admin and kfs-sys manager. and, i only inserted one perm att val for the 3rd, cause namespace isn't needed when action class is specified - just fyi. thanks!

        INSERT INTO KRIM_PERM_T(PERM_ID, OBJ_ID, VER_NBR, PERM_TMPL_ID, NM, DESC_TXT, ACTV_IND, NMSPC_CD)
        VALUES('298', sys_guid(), 1, '1', 'View Other Action List', null, 'Y', 'KR-WKFLW')
        /
        INSERT INTO KRIM_ROLE_PERM_T(ROLE_PERM_ID, OBJ_ID, VER_NBR, ROLE_ID, PERM_ID, ACTV_IND)
        VALUES('564', sys_guid(), 1, '63', '298', 'Y')
        /
        INSERT INTO KRIM_ROLE_PERM_T(ROLE_PERM_ID, OBJ_ID, VER_NBR, ROLE_ID, PERM_ID, ACTV_IND)
        VALUES('565', sys_guid(), 1, '44', '298', 'Y')
        /
        INSERT INTO KRIM_PERM_T(PERM_ID, OBJ_ID, VER_NBR, PERM_TMPL_ID, NM, DESC_TXT, ACTV_IND, NMSPC_CD)
        VALUES('299', sys_guid(), 1, '1', 'Unrestricted Document Search', null, 'Y', 'KR-WKFLW')
        /
        INSERT INTO KRIM_ROLE_PERM_T(ROLE_PERM_ID, OBJ_ID, VER_NBR, ROLE_ID, PERM_ID, ACTV_IND)
        VALUES('566', sys_guid(), 1, '63', '299', 'Y')
        /
        INSERT INTO KRIM_ROLE_PERM_T(ROLE_PERM_ID, OBJ_ID, VER_NBR, ROLE_ID, PERM_ID, ACTV_IND)
        VALUES('567', sys_guid(), 1, '44', '299', 'Y')
        /
        INSERT INTO KRIM_PERM_T(PERM_ID, OBJ_ID, VER_NBR, PERM_TMPL_ID, NM, DESC_TXT, ACTV_IND, NMSPC_CD)
        VALUES('300', sys_guid(), 1, '28', null, null, 'Y', 'KR-WKFLW')
        /
        INSERT INTO KRIM_PERM_ATTR_DATA_T(ATTR_DATA_ID, OBJ_ID, VER_NBR, TARGET_PRIMARY_KEY, KIM_TYP_ID, KIM_ATTR_DEFN_ID, ATTR_VAL)
        VALUES('424', sys_guid(), 1, '300', '12', '2', 'org.kuali.rice.kew.web.backdoor.AdministrationAction')
        /
        INSERT INTO KRIM_ROLE_PERM_T(ROLE_PERM_ID, OBJ_ID, VER_NBR, ROLE_ID, PERM_ID, ACTV_IND)
        VALUES('568', sys_guid(), 1, '63', '300', 'Y')
        /
        INSERT INTO KRIM_ROLE_PERM_T(ROLE_PERM_ID, OBJ_ID, VER_NBR, ROLE_ID, PERM_ID, ACTV_IND)
        VALUES('569', sys_guid(), 1, '44', '300', 'Y')
        /
        commit
        /

        Show
        Eric Westfall added a comment - Ailish set this up, I need to update in the Rice database which I haven't done yet and update the permission check code accordingly: i went and and added now. cause id never created any of these. i gave to kr tech admin and kfs-sys manager. and, i only inserted one perm att val for the 3rd, cause namespace isn't needed when action class is specified - just fyi. thanks! INSERT INTO KRIM_PERM_T(PERM_ID, OBJ_ID, VER_NBR, PERM_TMPL_ID, NM, DESC_TXT, ACTV_IND, NMSPC_CD) VALUES('298', sys_guid(), 1, '1', 'View Other Action List', null, 'Y', 'KR-WKFLW') / INSERT INTO KRIM_ROLE_PERM_T(ROLE_PERM_ID, OBJ_ID, VER_NBR, ROLE_ID, PERM_ID, ACTV_IND) VALUES('564', sys_guid(), 1, '63', '298', 'Y') / INSERT INTO KRIM_ROLE_PERM_T(ROLE_PERM_ID, OBJ_ID, VER_NBR, ROLE_ID, PERM_ID, ACTV_IND) VALUES('565', sys_guid(), 1, '44', '298', 'Y') / INSERT INTO KRIM_PERM_T(PERM_ID, OBJ_ID, VER_NBR, PERM_TMPL_ID, NM, DESC_TXT, ACTV_IND, NMSPC_CD) VALUES('299', sys_guid(), 1, '1', 'Unrestricted Document Search', null, 'Y', 'KR-WKFLW') / INSERT INTO KRIM_ROLE_PERM_T(ROLE_PERM_ID, OBJ_ID, VER_NBR, ROLE_ID, PERM_ID, ACTV_IND) VALUES('566', sys_guid(), 1, '63', '299', 'Y') / INSERT INTO KRIM_ROLE_PERM_T(ROLE_PERM_ID, OBJ_ID, VER_NBR, ROLE_ID, PERM_ID, ACTV_IND) VALUES('567', sys_guid(), 1, '44', '299', 'Y') / INSERT INTO KRIM_PERM_T(PERM_ID, OBJ_ID, VER_NBR, PERM_TMPL_ID, NM, DESC_TXT, ACTV_IND, NMSPC_CD) VALUES('300', sys_guid(), 1, '28', null, null, 'Y', 'KR-WKFLW') / INSERT INTO KRIM_PERM_ATTR_DATA_T(ATTR_DATA_ID, OBJ_ID, VER_NBR, TARGET_PRIMARY_KEY, KIM_TYP_ID, KIM_ATTR_DEFN_ID, ATTR_VAL) VALUES('424', sys_guid(), 1, '300', '12', '2', 'org.kuali.rice.kew.web.backdoor.AdministrationAction') / INSERT INTO KRIM_ROLE_PERM_T(ROLE_PERM_ID, OBJ_ID, VER_NBR, ROLE_ID, PERM_ID, ACTV_IND) VALUES('568', sys_guid(), 1, '63', '300', 'Y') / INSERT INTO KRIM_ROLE_PERM_T(ROLE_PERM_ID, OBJ_ID, VER_NBR, ROLE_ID, PERM_ID, ACTV_IND) VALUES('569', sys_guid(), 1, '44', '300', 'Y') / commit /
        Hide
        Eric Westfall added a comment -

        The database and code has been updated.

        Show
        Eric Westfall added a comment - The database and code has been updated.
        Hide
        Eric Westfall added a comment -

        Bulk change of all Rice 1.0 issues to closed after public release.

        Show
        Eric Westfall added a comment - Bulk change of all Rice 1.0 issues to closed after public release.

          People

          • Assignee:
            Eric Westfall
            Reporter:
            Eric Westfall
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Structure Helper Panel