Kuali Rice Development
  1. Kuali Rice Development
  2. KULRICE-7439

Assignment of "Add Message to Route Log" permission to the KR-SYS technical administrator is missing from bootstrap dataset

    Details

    • Type: Bug Fix Bug Fix
    • Status: Closed Closed
    • Priority: Critical Critical
    • Resolution: Fixed
    • Affects Version/s: 2.0.2, 2.1
    • Fix Version/s: 2.2
    • Component/s: Database
    • Security Level: Public (Public: Anyone can view)
    • Labels:
      None
    • Similar issues:
      KULRICE-2414double check the permissions and responsibilities ailish created for rice modules
      KULRICE-4603Person: Cannot use hyphenated last name on the Person doc - receive error that only letters or digits may be used. Also prevents the addition of roles if a person comes into KIM via LDAP with a hyphen.
      KULRICE-3301Missing Permission data disallows some editing of KIM data in Rice
      KULRICE-2539Ensure old permission-related Application Constants are converted over to KIM, completely remove remaining pieces of Application Constants services and screens
      KULRICE-4417Add new permission records for adding route log messages
      KULRICE-9720Route Log Icon Missing from Action List
      KULRICE-3042Permissions for creating, editing, etc. system parameters seems to be messed up in the Rice DB
      KULRICE-12891Dataset Cleanup: Remove KREW_RTE_BRCH_PROTO_T entry from bootstrap
      KULRICE-9000guest principal and entity were stripped from the server bootstrap dataset
      KULRICE-2416all rice actions should extend KualiAction, so these permissions are enforced - they replace any existing app constants or configuration related to rice authz - please double check for any i missed
    • Rice Module:
      KIM
    • Application Requirement:
      KFS
    • KAI Review Status:
      Not Required
    • KTI Review Status:
      Not Required

      Description

      (The permission is properly assigned in the Rice 2.1 demo dataset.)

      --- upgraded_kim_data.txt	2012-06-05 12:09:24.000000000 -0400
      +++ new_kim_data.txt	2012-06-05 12:12:19.000000000 -0400
      @@ -1691,7 +1691,6 @@
       KR-SYS,Technical Administrator,KR-WKFLW,Use Document Operation Screen
       KR-SYS,Technical Administrator,KR-WKFLW,Use Screen XML Ingester Screen
       KR-SYS,Technical Administrator,KR-WKFLW,View Other Action List
      -KR-SYS,Technical Administrator,KUALI,Add Message to Route Log
       KR-WKFLW,Acknowledge Request Recipient,KUALI,Take Requested Acknowledge Action
       KR-WKFLW,Approve Request Recipient,KFS-PURAP,Edit Document PREQ R
       KR-WKFLW,Approve Request Recipient,KFS-PURAP,Use Transactional Document PREQ requestPaymentRequestCancel
      

        Activity

        Hide
        Jessica Coltrin (Inactive) added a comment -

        moving to 2.1.2

        Show
        Jessica Coltrin (Inactive) added a comment - moving to 2.1.2
        Hide
        Peter Giles (Inactive) added a comment -

        It is explicitly removed by the bootstrap-server-dataset-cleanup.sql script on line 261. Looks like that was added a couple of years ago as part of KULRICE-3852. The changeset is here: https://fisheye.kuali.org/changelog/rice/?cs=14145

        I'm assuming the fix is just to remove this one sql statement. However, this will change the delivered data for Rice 2.1.1, which would require an upgrade script in order to put existing implementors on the same page. Therefore I think this needs to occur in Rice 2.2.0 instead. Please let me know if I'm off base here.

        Show
        Peter Giles (Inactive) added a comment - It is explicitly removed by the bootstrap-server-dataset-cleanup.sql script on line 261. Looks like that was added a couple of years ago as part of KULRICE-3852 . The changeset is here: https://fisheye.kuali.org/changelog/rice/?cs=14145 I'm assuming the fix is just to remove this one sql statement. However, this will change the delivered data for Rice 2.1.1, which would require an upgrade script in order to put existing implementors on the same page. Therefore I think this needs to occur in Rice 2.2.0 instead. Please let me know if I'm off base here.
        Hide
        Jonathan Keller added a comment -

        That's what I've been told. 2.2 for any data changes. If it really should not be there, then it needs to be in the upgrade scripts to remove it if present. I think that's how I found it. If you upgrade from Rice 1.x to 2.x, you have the permission. If you start with 2.x, it's not there.

        So, if it's not supposed to be there, then I need to include its removal in my KFS 5.0 upgrade scripts.

        Show
        Jonathan Keller added a comment - That's what I've been told. 2.2 for any data changes. If it really should not be there, then it needs to be in the upgrade scripts to remove it if present. I think that's how I found it. If you upgrade from Rice 1.x to 2.x, you have the permission. If you start with 2.x, it's not there. So, if it's not supposed to be there, then I need to include its removal in my KFS 5.0 upgrade scripts.
        Hide
        Peter Giles (Inactive) added a comment -

        Okay, I follow you now. I looked through the impex datasets and indeed, in the main dataset for 1.0.3.3 the permission assignment is in there (https://svn.kuali.org/repos/rice/tags/rice-1.0.3.3/dbs/rice-main-db/KRIM_ROLE_PERM_T.xml), and then it goes away in the 2.0.0 server dataset (https://svn.kuali.org/repos/rice/tags/rice-2.0.0/db/impex/server/bootstrap/src/main/resources/KRIM_ROLE_PERM_T.xml). To look for it, search for ' PERM_ID="841"' and make sure you get the leading whitespace.

        So the remaining question is: in the upgrade script for 2.2, should we delete the KRIM_ROLE_PERM_T row , or conditionally add it if it doesn't exist?

        Show
        Peter Giles (Inactive) added a comment - Okay, I follow you now. I looked through the impex datasets and indeed, in the main dataset for 1.0.3.3 the permission assignment is in there ( https://svn.kuali.org/repos/rice/tags/rice-1.0.3.3/dbs/rice-main-db/KRIM_ROLE_PERM_T.xml ), and then it goes away in the 2.0.0 server dataset ( https://svn.kuali.org/repos/rice/tags/rice-2.0.0/db/impex/server/bootstrap/src/main/resources/KRIM_ROLE_PERM_T.xml ). To look for it, search for ' PERM_ID="841"' and make sure you get the leading whitespace. So the remaining question is: in the upgrade script for 2.2, should we delete the KRIM_ROLE_PERM_T row , or conditionally add it if it doesn't exist?
        Hide
        Jonathan Keller added a comment -

        AFIAC, it doesn't have to be added if it was determined that it should not be there. I assumed it had been eliminated incorrectly since it's removal was not in the upgrade scripts. Since it sounds like it was intentional, then I think the only action at this point would be to add its removal to the 2.2 scripts to get things back in sync. It was not a requirement of KFS that it be there since we have our own permission to enable it for our documents.

        Show
        Jonathan Keller added a comment - AFIAC, it doesn't have to be added if it was determined that it should not be there. I assumed it had been eliminated incorrectly since it's removal was not in the upgrade scripts. Since it sounds like it was intentional, then I think the only action at this point would be to add its removal to the 2.2 scripts to get things back in sync. It was not a requirement of KFS that it be there since we have our own permission to enable it for our documents.
        Hide
        Peter Giles (Inactive) added a comment -

        Committed the upgrade scripts, and added a note to the impacting changes wiki page.

        Show
        Peter Giles (Inactive) added a comment - Committed the upgrade scripts, and added a note to the impacting changes wiki page.

          People

          • Assignee:
            Peter Giles (Inactive)
            Reporter:
            Jonathan Keller
          • Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Structure Helper Panel