Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Implement mechanism to update system shadow users permissions

Description

Purpose:

mod-consortia uses folio-spring-system-user shared library to interact with system users. It has logic to update permissions for system user and has method to add permissions from csv file: PrepareSystemUserService.java#L91 

mod-consortia uses shadow system users for 'consortia-system-user' from the central tenant to share setting in any member tenant.

During enabling tenant if tenantId != centralTenantId need to find id of shadow system user from real user from the central tenant and invoke method in PrepareSystemUserService to update permissions of shadow system user.

If a real system user from the central tenant was not found - need to throw an error with response to enable mod-consortia on the central tenant firstly.

If centralTenantId param is not presented - need to throw and error to specify centralTenantId during module enabling

Note: additional stories for Kitfox and FSE should be created to provide centralTenantId param for enabling mod-consortia

This story is needed to be able to implement MODCON-121 , MODCON-122 . Also it would be useful for future if we are going to support new settings to be shared.

Environment

None

Potential Workaround

None

Attachments

12
  • 08 Dec 2023, 09:24 AM
  • 08 Dec 2023, 09:24 AM
  • 08 Dec 2023, 09:24 AM
  • 08 Dec 2023, 09:24 AM
  • 08 Dec 2023, 09:24 AM
  • 08 Dec 2023, 09:24 AM
  • 07 Dec 2023, 03:07 PM
  • 07 Dec 2023, 03:07 PM
  • 07 Dec 2023, 03:06 PM
  • 07 Dec 2023, 03:06 PM
  • 07 Dec 2023, 03:05 PM
  • 07 Dec 2023, 03:05 PM

Checklist

hide

TestRail: Results

Activity

Show:

Serhii_NoskoDecember 8, 2023 at 9:39 AM

Works as expected on https://folio-dev-thunderjet-consortium.ci.folio.org/ , attached 6 txt files, 3 files with permissions for consortia-system-user before change(for real user in central tenant and 2 shadow in members), and 3 after.

Each file (before fix) had 83 permissions, after adding 6 new permissions PR in csv file for system user we just re-enabled mod-consortia on each tenant, and permissions in central tenant for consortia-system-user and in all member tenants for shadow usersare updated to 89 permissions as expected(can verify it in other 3 txt files).

So now if going to add new endpoints for sharing settings functionality - we just need to update csv file - and permissions for all shadow system users of 'consortia-system-user' from central tenant would be propagated automatically.

Just note, sharing occurs only from central tenant system user context, so all shadow consortia system users should have the same permissions to make sharing workable.

Looks good, closing this story.

 

Azizbek KhushvakovDecember 7, 2023 at 3:07 PM

Tested locally:

Added pubsub.publishers.get permission to central system user of central tenant

 

This permission was not exists in shadow system users of university tenant

 

Module updated

 

Succesfully extracted newly added permission and added 

Done

Details

Assignee

Reporter

Priority

Story Points

Sprint

Development Team

Thunderjet

Fix versions

Release

Quesnelia (R1 2024)

TestRail: Cases

Open TestRail: Cases

TestRail: Runs

Open TestRail: Runs

Created November 22, 2023 at 6:14 PM
Updated December 11, 2023 at 10:31 AM
Resolved December 8, 2023 at 9:40 AM
TestRail: Cases
TestRail: Runs

Flag notifications