Kuali Rice Development
  1. Kuali Rice Development
  2. KULRICE-4151

Permission and responsibility lookups don't seem to take nested roles into account

    Details

    • Type: Bug Fix Bug Fix
    • Status: Closed Closed
    • Priority: Critical Critical
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: KFS Release 4.0, 1.0.3
    • Component/s: Development
    • Labels:
      None
    • Similar issues:
      KULRICE-7182Permission lookup by Attribute Value doesn't seem to work
      KULRICE-9136Convert Role/Group/Permission/Responsibility Type to KRAD
      KULRICE-6826Role Lookup throws SQLException when using non-role (Permission, Group, Permission Template, Responsibility, Responsibility Template) criteria
      KULRICE-4385Multiple delegates seem to be mixed up when viewing a person
      KULRICE-4000In Role edit screen, make it so that "add permission" / "add responsibility" form widgets don't show up unless the user has permisison
      KULRICE-8416On the permission and responsibility lookups would be nice to search by number.
      KULRICE-8125Permission Lookup by Role Name not working
      KULRICE-5927Rice Dev: Role Create Document Permissions and Responsibilities lookups not working an
      KULRICE-4359 Allow characters other than alphanumeric in Permission and Responsibility names
    • Rice Module:
      KIM
    • Application Requirement:
      KFS

      Description

      Looked up principal name "butt" on the permission lookup and I don't get a complete list. This is missing any permissions that butt gets because he's in a role that's nested in another role. This should be returning all permissions for the specified principal whether they come from an explicitly assigned role or a role nested in another role. Without this it's extremely difficult to pin down all of a user's permissions and where they come from.

        Issue Links

          Activity

          Hide
          Jonathan Keller added a comment -

          Damon - where are you looking. I don't think anything was changed to make the permissions/role members appear. (From my knowledge of the UI code, that would be very difficult the way they were designed.) I think all was changed was that you could look up roles by the nested role members. (I'm not sure about permissions - I haven't looked at what the Rice team actually changed.)

          Show
          Jonathan Keller added a comment - Damon - where are you looking. I don't think anything was changed to make the permissions/role members appear. (From my knowledge of the UI code, that would be very difficult the way they were designed.) I think all was changed was that you could look up roles by the nested role members. (I'm not sure about permissions - I haven't looked at what the Rice team actually changed.)
          Hide
          Jeremy Hanson added a comment -

          In rice, this is working. To test, I created a new role with the user Fran as a member. I then added this new role to the Technical administrator role. When I do a permission search for the user fran, it returns all of the Technical Administrator permissions. (fran doesn't have any other permissions)

          Show
          Jeremy Hanson added a comment - In rice, this is working. To test, I created a new role with the user Fran as a member. I then added this new role to the Technical administrator role. When I do a permission search for the user fran, it returns all of the Technical Administrator permissions. (fran doesn't have any other permissions)
          Hide
          Jeremy Hanson added a comment -

          trying wit kfs dataset now

          Show
          Jeremy Hanson added a comment - trying wit kfs dataset now
          Hide
          Jeremy Hanson added a comment -

          Corrected a problem where the nesting wasn't working if the role the principal belonged to belonged to more than one role. should work with lmjarboe now once kfs updates

          Show
          Jeremy Hanson added a comment - Corrected a problem where the nesting wasn't working if the role the principal belonged to belonged to more than one role. should work with lmjarboe now once kfs updates
          Hide
          Damon Dorsey added a comment -

          This one looks good now.
          Thanks!
          Damon

          Show
          Damon Dorsey added a comment - This one looks good now. Thanks! Damon

            People

            • Assignee:
              Jeremy Hanson
              Reporter:
              Dan Lemus (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 4 days
                4d
                Remaining:
                Remaining Estimate - 4 days
                4d
                Logged:
                Time Spent - Not Specified
                Not Specified

                  Structure Helper Panel