[KULRICE-7074] Restore Permission/Role/Responsibility logging Created: 04/Apr/12  Updated: 17/Apr/12  Resolved: 17/Apr/12

Status: Closed
Project: Kuali Rice Development
Component/s: Development
Affects Version/s: 2.0, 2.0.1
Fix Version/s: 2.0.2
Security Level: Public (Public: Anyone can view)

Type: Bug Fix Priority: Blocker
Reporter: Jonathan Keller Assignee: Shannon Hess
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Rely
is relied upon by KFSOLD-21078 Approver receives error "You are not ... Closed
Similar issues:
KULRICE-1352form is not restored from session for multipart request
KULRICE-9705Create Smoke tests to validate Session restore.
KULRICE-7458Restore the display of permission/responsibility details on KIM Inquiries
KULRICE-13625Create CI jobs to backup and restore rice test DBs
KULRICE-5633Make sure Detailed Search save/restore works for Document Search
KULRICE-388restore parsing of image url refs on LookupDefinition.java (${kr.externalizable.images.url})
KULRICE-2307Restore DocumentAuthorizorTest after the Person/Group refactoring is done
KULRICE-11664DocumentBase JPA versus OJB change regarding saving/restoring documentHeader
KULRICE-13159Rice placing HTTP request into session scope - prevents session replication/restore
KULRICE-4702Reduce logging to DEBUG on some of the edoclite logging that is currently logging at INFO
Rice Module:
KIM
Application Requirement:
KFS
KAI Review Status: Not Required
KTI Review Status: Not Required

 Description   

In the identity management and role management services, there was some extensive logging which could be turned on for all permission/responsibility checks and role resolutions. With those gone, developers (and implementors) have lost an extremely useful tool which could be used for troubleshooting KIM.

Please restore the logging which was in place in Rice 1.0.3.3. KFS still has some of it since we have the IdentityManagementService stub, but for all of the Rice components which perform permission checks, we are now running blind, especially on our servers, where running a debugger is not an option.



 Comments   
Comment by Jonathan Keller [ 04/Apr/12 ]

Upgrading severity as without this we can not troubleshoot a testing blocker in KFS.

Comment by Shannon Hess [ 09/Apr/12 ]

I just committed a fix for this. Can you please bring in the new snapshots tomorrow and see if it meets your needs?

Thanks,
Shannon

Added logging in the following methods, similar to 1.0.3.3:

PermissionServiceImpl.isAuthorized
PermissionServiceImpl.isAuthorizedByTemplateName
ResponsibilityServiceImpl.getResponsibilityActions
ResponsibilityServiceImpl.getResponsibilityActionsByTemplate
RoleServiceImpl.principalHasRole

Comment by Dan Lemus (Inactive) [ 10/Apr/12 ]

I'll be pulling this in tonight. Thank you Shannon!

Comment by Shannon Hess [ 10/Apr/12 ]

Dan,

I just found out that I committed my changes to the 2.2 branch rather than the 2.0.2 branch. I'm applying the changes now to the 2.0.2 branch, but updated snapshot jars will not be created until midnight EST. Could you please hold off until tomorrow to pull in the jars? I'm sorry about the inconvenience.

Thanks,
Shannon

Generated at Tue Jun 02 08:49:37 CDT 2020 using JIRA 6.1.5#6160-sha1:a61a0fc278117a0da0ec9b89167b8f29b6afdab2.