[FOLIO-3259] [PoC] Add a user type to hide tenant users Created: 02/Aug/21  Updated: 12/Aug/21  Resolved: 12/Aug/21

Status: Closed
Project: FOLIO
Components: None
Affects versions: None
Fix versions: None

Type: Story Priority: TBD
Reporter: Mikhail Fokanov Assignee: Mikhail Fokanov
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Relates
relates to UIU-2243 Hide system users by default Closed
Sprint: CP: sprint 120
Story Points: 3
Development Team: Core: Platform

 Description   

Background

To call edge modules APIs use 3rd party system uses api-keys, that are base64 encoded jsons with passwords. These are essentially tenant-level users.

Purpose of the PoC

Tenant users should be hidden from the users app to reduce the risk of being accidentally changed/removed/etc.

Approach

Property type should be used in mod-users users table. The default value should be 'user'. User management UI by default should receive only users with type = 'user'.



 Comments   
Comment by Marc Johnson [ 10/Aug/21 ]

Mikhail Fokanov Deborah Jakubs

The default value should be 'user'

What are the other types?

User management UI by default should receive only users with type = 'user'.

Should this filter also be applied everywhere else that the system presents or uses users e.g. in the find user plugins or when the circulation back end is fetching a user as part of a check out / check in?

Comment by Mikhail Fokanov [ 10/Aug/21 ]

What are the other types?

After creation of the Jira, it was disscused with Core-platform team (including Jakub Skoczen) that it makes more sense to leave user type blank for simple users and use the "system_..." type only for newly created system users.

Should this filter also be applied everywhere else

It is for the corresponding POs to decide. Before this story there was no ability to filter them out. For now there is such ability.

Comment by Marc Johnson [ 10/Aug/21 ]

Mikhail Fokanov Jakub Skoczen

After creation of the Jira, it was disscused with Core-platform team (including Jakub) that it makes more sense to leave user type blank for simple users and use the "system_..." type only for newly created system users.

By blank do you mean not defined or an empty string?

Does that mean we need to filter out users when the type is not system?

It is for the corresponding POs to decide. Before this story there was no ability to filter them out.

How do the relevant POs know they need to make that decision? Has this model been discussed with them or the user management SIG?

For now there is such ability.

Does that mean this work has been done and is in the mainline code?

Generated at Thu Feb 08 23:26:47 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.