[FOLIO-3321] Update create-tenant-admin role to use new perms.users.assign* permissions Created: 25/Oct/21  Updated: 03/Nov/21  Resolved: 03/Nov/21

Status: Closed
Project: FOLIO
Components: None
Affects versions: None
Fix versions: None

Type: Task Priority: TBD
Reporter: Wayne Schneider Assignee: Wayne Schneider
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Duplicate
is duplicated by FOLIO-3328 Platform Complete Build Fails Closed
Relates
relates to MODPERMS-157 Check assignment permissions for oper... Closed
Sprint: DevOps Sprint 126
Development Team: FOLIO DevOps

 Description   

A new, special permission is being created to allow users to assign permissions that they don't have themselves to other users – perms.users.extra – which not part of perms.all. This may require the create-tenant-admin role to be updated.

See PR #135 on mod-permissions, and MODPERMS-157 Closed .



 Comments   
Comment by Wayne Schneider [ 02/Nov/21 ]

Permission names are
perms.users.assign.immutable
perms.users.assign.mutable
perms.users.assign.okapi

The third one should only be assigned to the supertenant admin user, the tenant admin user should not have it.

Comment by Wayne Schneider [ 03/Nov/21 ]

Updates made to folio-ansible (create-tenant-admin and okapi-secure) and to folio-install (bootstrap-superuser.pl).

Generated at Thu Feb 08 23:27:14 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.