Uploaded image for project: 'Kuali Rice Development'
  1. Kuali Rice Development
  2. KULRICE-4303

Document initiator check fails when KIM is run in remote mode

    Details

    • Rice Module:
      KNS, KEW, KIM

      Description

      When an application has configured KIM in "remote" mode, permission checks that cross the service bus and occur in the Rice server and that depend on observing client Rice state (such as the document route header for initiator) will fail because client changes have not yet been committed to the database.

      For example, RouteLogDerivedRoleTypeServiceImpl.hasApplicationRole:

      if (INITIATOR_ROLE_NAME.equals(roleName)){
      isUserInRouteLog =
      principalId.equals(workflowInfo.getDocumentInitiatorPrincipalId(documentNumberLong));

      This will always fail for newly initiated documents, and the result will be that all new documents will be read only (because the current user is not seen to be the "initiator") regardless of any other permission setting.

      This is one such example, but it seems like a general problem and could be more widespread (any other state a client may save and the Rice standalone instance may be requested to operate on).

        Attachments

          Issue Links

            Activity

            Error rendering 'com.atlassian.jira.jira-view-issue-plugin:activitymodule'. Please contact your JIRA administrators.

              People

              • Assignee:
                Unassigned
                Reporter:
                ahamid Aaron Hamid (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated: