[KULRICE-6858] If editing groups or roles, it validates the existence of all members before saving the doc, even those which are "inactive" Created: 29/Feb/12  Updated: 06/Sep/12  Resolved: 06/Apr/12

Status: Closed
Project: Kuali Rice Development
Component/s: User Interface
Affects Version/s: None
Fix Version/s: 2.1.0-m2, 2.1
Security Level: Public (Public: Anyone can view)

Type: Improvement Priority: Major
Reporter: Eric Westfall Assignee: Jeff Ruch
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Similar issues:
KULRICE-4215Need a member "Inactivate" button that will automatically inactivate group/role/etc members
KULRICE-4820ActionRequestServiceImpl.saveActionRequest does not allow for documents to route to inactive groups.
KULRICE-12921UIDocumentService.loadRoleMembers yields IllegalArgumentException when all members are inactive
KULRICE-12284Issue routing to a role which has an empty group member
KULRICE-13968Reopening or reloading a role document can cause unmodified members to disappear
KULRICE-4575IM Person doc should only allow editing of direct group memberships
KULRICE-4852Kim Role search returns roles for "member" (group and principals) that are inactive
KULRICE-8790Role lookup needs a way to search for all roles of which a given role is a member
KULRICE-4153Inactive qualifiers cause problems on existing roles
KULRICE-8456When the 'Member Identifier' field on Role document is left blank and the 'Type Code' is equal to Group or Role - receive incident report
Rice Module:
KAI Review Status: Not Required
KTI Review Status: Review Completed


The main problem here is similar in nature to KULRICE-3307. There are situations where someone's identity might drop out of the system (in the case of LDAP). In theory the historical entity cache ought to help with this, but that might not always be the case. The problem in these situations is that it's not possible to remove the offending principal from the group or member via the UI because it's validating that the membership represents a valid principal. Seems it should only be validating "active" membership.

This was discussed at the KTI meeting on 02-29-2012: https://wiki.kuali.org/x/5nC1Eg

Comment by Jeff Ruch [ 29/Mar/12 ]

The changes are complete. A review has been created. Once the review is complete I will commit the code.

Comment by Jeff Ruch [ 06/Apr/12 ]

Tested on sample app. test identityService and identityRemoteService unit tests. Committed changes.

Generated at Tue Jul 07 04:51:37 CDT 2020 using JIRA 6.1.5#6160-sha1:a61a0fc278117a0da0ec9b89167b8f29b6afdab2.