Done
Details
Assignee
Adam DickmeissAdam DickmeissReporter
Adam DickmeissAdam DickmeissPriority
TBDStory Points
2Sprint
NoneDevelopment Team
Core: PlatformFix versions
TestRail: Cases
Open TestRail: CasesTestRail: Runs
Open TestRail: Runs
Details
Details
Assignee
Adam Dickmeiss
Adam DickmeissReporter
Adam Dickmeiss
Adam DickmeissPriority
TBDStory Points
2
Sprint
None
Development Team
Core: Platform
Fix versions
TestRail: Cases
Open TestRail: Cases
TestRail: Runs
Open TestRail: Runs
Created December 22, 2021 at 2:58 PM
Updated January 20, 2022 at 11:42 AM
Resolved December 23, 2021 at 12:32 PM
Motivation:
In some tests (karate), apparently the operating user is non-existing. It may exist - but not for the tenant where the operation is performed. The check for the operating user fails and the permission assignment fails with the code introduced in MODPERMS-157.
Procedure:
Do not fail if operating user does not exist.. Instead in this case, assume the operating user has no permissions (empty set). The sole requirement is instead the the module permissions (
modulePermissionsin routing entry) has what it takes. This allows modules to create user with any permissions they want, but those must be listed in one of two ways:1. the modulePermissions include
perms.users.assign.immutable..2. the modulePermissions include the permissions that are assigned for the user to be created.
The 2nd approach is better as it clearly states what the module user will end up having .. With number 1, the module user may get any immutable permission (or at least the permissions must be checked somewhere else).