[UIU-2410] Issues with a permission set which includes a hidden permission Created: 12/Aug/21 Updated: 06/Dec/23 Resolved: 01/Sep/21 |
|
| Status: | Closed |
| Project: | ui-users |
| Components: | None |
| Affects versions: | None |
| Fix versions: | None |
| Type: | Bug | Priority: | P2 |
| Reporter: | Debra Howell | Assignee: | Unassigned |
| Resolution: | Won't Do | Votes: | 0 |
| Labels: | Support | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original estimate: | Not Specified | ||
| Issue links: |
|
||||||||
| Sprint: | Prokopovych - Sprint 122 | ||||||||
| Development Team: | Prokopovych | ||||||||
| Potential Workaround: | In order to add a standard permission without losing the hidden permission, I need to first go to Settings/Developer/Configuration and put a checkmark for List “invisible” permissions in add-perm menus. | ||||||||
| Affected Institution: |
Cornell
|
||||||||
| Description |
|
Overview:
Expected Results: See above Actual Results: See above example Additional Information: |
| Comments |
| Comment by Anya [ 16/Aug/21 ] |
|
Support - we think that Zak Burke needs to look into this.
IT should be possible to inform users that there are hidden permissions - that will be lost if the set or the users are changed...
Debra Howell and Zak Burke will work on this to flush out steps to recreate |
| Comment by Zak Burke [ 30/Aug/21 ] |
|
Debra Howell, Amy Blumenthal: The real problem here is that hidden permissions should never be part of a permission set and as such it's very tempting to close this as "Won't fix". In other words, this ticket describes a symptom, but it is not the actual problem. If such permission are necessary to accomplish a task, that is an indication of a misconfigured pset elsewhere (as noted on Slack, multiple times), probably in a ui-app's package.json file, and we should file bugs accordingly. For the record, here's an explanation of the current form behavior. Given a permission-set composed of the visible permissions A, B, and C, as well as the hidden permissions X, Y, and Z, the full list looks like [A, B, C, X, Y, Z]. When editing a pset, only A, B, and C will be visible in the accordion, but the form's cache contains the full list [A, B, C, X, Y, Z]. Clicking the X to remove a permission removes it from the form's cache, so removing A results in [B, C, X, Y, Z]. Clicking the "Add permission" button opens the "Select permissions" modal, which receives a list of all visible permissions, plus the currently-assigned permissions from the cache. Adding F and removing A in the dialog adds and removes them from its list of assigned permissions. Clicking the dialog's "Save and close" button calls a function that takes the intersection of visible permissions and assigned permissions, resulting in a list like [B, C, F], i.e. all hidden permissions are removed. We could pass the modal a list of all permissions, instead of only the visible permissions, but then these extremely granular permissions which are not supposed to be user-assignable would become user-assignable. I will grant, however, that this is a lousy user experience. If we leave the dialog as-is, receiving only visible permissions, we could provide an alert/warning/something when saving the changes would remove hidden permissions. I filed
|
| Comment by Amy Blumenthal [ 31/Aug/21 ] |
|
Zak, thank you for your reply and explanation of why things work the way they do. It would be very helpful to have an alert when saving the changes would remove hidden permissions. This will be especially important when more staff here participate in the creation and editing of permission sets. I'm writing up documentation, but not everyone is going to remember this "gotcha" of permissions being removed. And with longer permission sets it may not even be noticed - until a department reports that a key feature they need isn't working anymore. And to be clear - we are submitting bug reports or enhancement requests when we run into a situation where a hidden permission fills a gap. Thank you for filing
|
| Comment by Debra Howell [ 31/Aug/21 ] |
|
Zak Burke I appreciate the thoughtful investigation and education on how this works! It is ok with me if this is Closed as "Will Not Do" now. Thanks! |
| Comment by Zak Burke [ 01/Sep/21 ] |
|
Replaced by
|