<!-- 
RSS generated by JIRA (1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d) at Thu Feb 08 23:21:29 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary add field=key&field=summary to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>FOLIO Jira</title>
    <link>https://folio-org.atlassian.net</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>1001.0.0-SNAPSHOT</version>
        <build-number>100246</build-number>
        <build-date>07-02-2024</build-date>
    </build-info>

<item>
            <title>[FOLIO-2551] SPIKE:  System and Tenant Level Users - Requirements</title>
                <link>https://folio-org.atlassian.net/browse/FOLIO-2551</link>
                <project id="10290" key="FOLIO">FOLIO</project>
                    <description>&lt;h2&gt;&lt;a name=&quot;Overview&quot;&gt;&lt;/a&gt;Overview&lt;/h2&gt;

&lt;p&gt;The topic of system and tenant level users has come up a few times in various contexts. This investigation is to gather requirements and use cases in a single place.&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;Edge APIs use &quot;institutional users&quot;. These are essentially tenant-level users
	&lt;ul&gt;
		&lt;li&gt;For now provisioning of these users must be done manually, including granting permissions, etc.&lt;/li&gt;
		&lt;li&gt;The login credentials for these institutional users must be stored in a secret store where the edge API can access them.&lt;/li&gt;
	&lt;/ul&gt;
	&lt;/li&gt;
	&lt;li&gt;
    &lt;span class=&quot;jira-issue-macro resolved&quot; data-jira-key=&quot;FOLIO-1781&quot; &gt;
                &lt;a href=&quot;https://folio-org.atlassian.net/browse/FOLIO-1781&quot; class=&quot;jira-issue-macro-key issue-link&quot;  title=&quot;Change metadata when user performing action is unknown&quot; &gt;
            &lt;img class=&quot;icon&quot; src=&quot;https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium&quot; /&gt;
            FOLIO-1781
        &lt;/a&gt;
                                                    &lt;span class=&quot;aui-lozenge aui-lozenge-subtle aui-lozenge-success jira-macro-single-issue-export-pdf&quot;&gt;Closed&lt;/span&gt;
            &lt;/span&gt;
 discusses the need/desire for system or tenant-level users in the context of record metadata.
	&lt;ul&gt;
		&lt;li&gt;If the system creates/modifies a record and there is no user context, what should be used in the record metadata?
		&lt;ul&gt;
			&lt;li&gt;Loading sample/reference data when enabling a module for a tenant&lt;/li&gt;
			&lt;li&gt;mod-pub-sub&lt;/li&gt;
			&lt;li&gt;TBD&lt;/li&gt;
		&lt;/ul&gt;
		&lt;/li&gt;
	&lt;/ul&gt;
	&lt;/li&gt;
	&lt;li&gt;Most recently, there were discussions about system user used by certain modules, for example mod-search and mod-pubsub. See discussion of this&#160;&lt;a href=&quot;https://github.com/folio-org/folio-spring-base/pull/13&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;PR&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;Link to the description of the possible approaches: &lt;a href=&quot;https://folio-org.atlassian.net/wiki/display/~mikhail.fokanov/Module+users+in+Folio&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://folio-org.atlassian.net/wiki/display/~mikhail.fokanov/Module+users+in+Folio&lt;/a&gt; &lt;/p&gt;</description>
                <environment></environment>
        <key id="81652">FOLIO-2551</key>
            <summary>SPIKE:  System and Tenant Level Users - Requirements</summary>
                <type id="10003" iconUrl="https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium">Task</type>
                                            <priority id="10002" iconUrl="https://dev.folio.org/assets/jira-priority/jira-p3.svg">P3</priority>
                        <status id="6" iconUrl="https://folio-org.atlassian.net/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="green"/>
                                    <resolution id="10003">Done</resolution>
                                                        <assignee accountid="70121:84bca0b8-4380-4d87-8a90-53e9133584f6">Mikhail Fokanov</assignee>
                                                                <reporter accountid="5cf6c546b87c300f36eb7b9a">Craig McNally</reporter>
                                    <labels>
                            <label>R3</label>
                    </labels>
                <created>Wed, 1 Apr 2020 17:51:14 +0000</created>
                <updated>Thu, 29 Jul 2021 13:04:18 +0000</updated>
                            <resolved>Thu, 29 Jul 2021 13:04:18 +0000</resolved>
                                                                        <due></due>
                            <votes>0</votes>
                                    <watches>10</watches>
                                                                <comments>
                                                            <comment id="195663" author="70121:be6f0bd2-e000-4943-9f66-4e6e78213e31" created="Tue, 27 Oct 2020 18:19:29 +0000"  >&lt;p&gt;Might also be worthwhile to discuss admin users with requirements to &lt;/p&gt;
&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;Have their own permission sets that are not editable by other users&lt;/li&gt;
	&lt;li&gt;Have their own patron groups, that cannot be edited by other users&lt;/li&gt;
&lt;/ul&gt;
</comment>
                                                            <comment id="195665" author="557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d" created="Mon, 12 Apr 2021 08:40:04 +0000"  >&lt;p&gt;&lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=5cf6c546b87c300f36eb7b9a&quot; class=&quot;user-hover&quot; rel=&quot;5cf6c546b87c300f36eb7b9a&quot; data-account-id=&quot;5cf6c546b87c300f36eb7b9a&quot; accountid=&quot;5cf6c546b87c300f36eb7b9a&quot; rel=&quot;noreferrer&quot;&gt;Craig McNally&lt;/a&gt; is &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=5ef076ba60d3c80ac9ed8b81&quot; class=&quot;user-hover&quot; rel=&quot;5ef076ba60d3c80ac9ed8b81&quot; data-account-id=&quot;5ef076ba60d3c80ac9ed8b81&quot; accountid=&quot;5ef076ba60d3c80ac9ed8b81&quot; rel=&quot;noreferrer&quot;&gt;Vasily Gancharov&lt;/a&gt; acively working on this? If not, I&apos;d like to re-assign to the Platform team.&lt;/p&gt;</comment>
                                                            <comment id="195667" author="557058:f8c71e3c-04a0-49c1-bae9-f8f88e253821" created="Mon, 19 Apr 2021 13:30:52 +0000"  >&lt;p&gt;&lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=557058%3Ab8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; class=&quot;user-hover&quot; rel=&quot;557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; data-account-id=&quot;557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; accountid=&quot;557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; rel=&quot;noreferrer&quot;&gt;Jakub Skoczen&lt;/a&gt;&#160;we discussed and think this priority need to be increased. This looks like a very Hight priority security issue&lt;/p&gt;</comment>
                                                            <comment id="195669" author="63e2a2771b13d42998e4e706" created="Mon, 19 Apr 2021 13:47:23 +0000"  >&lt;p&gt;&lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=557058%3Af8c71e3c-04a0-49c1-bae9-f8f88e253821&quot; class=&quot;user-hover&quot; rel=&quot;557058:f8c71e3c-04a0-49c1-bae9-f8f88e253821&quot; data-account-id=&quot;557058:f8c71e3c-04a0-49c1-bae9-f8f88e253821&quot; accountid=&quot;557058:f8c71e3c-04a0-49c1-bae9-f8f88e253821&quot; rel=&quot;noreferrer&quot;&gt;Hanna Hulevich&lt;/a&gt;&lt;/p&gt;

&lt;blockquote&gt;&lt;p&gt;This looks like a very high priority security issue&lt;/p&gt;&lt;/blockquote&gt;

&lt;p&gt;Why is it a very high priority security issue, the description does not refer to security at all?&lt;/p&gt;</comment>
                                                            <comment id="195671" author="5cf6c546b87c300f36eb7b9a" created="Mon, 19 Apr 2021 14:35:26 +0000"  >&lt;p&gt;&lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=557058%3Ab8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; class=&quot;user-hover&quot; rel=&quot;557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; data-account-id=&quot;557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; accountid=&quot;557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; rel=&quot;noreferrer&quot;&gt;Jakub Skoczen&lt;/a&gt; I don&apos;t think Vasily is on the project anymore.&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=63e2a2771b13d42998e4e706&quot; class=&quot;user-hover&quot; rel=&quot;63e2a2771b13d42998e4e706&quot; data-account-id=&quot;63e2a2771b13d42998e4e706&quot; accountid=&quot;63e2a2771b13d42998e4e706&quot; rel=&quot;noreferrer&quot;&gt;Marc Johnson&lt;/a&gt; I don&apos;t think this is a security issue in and of itself, but not having this functionality leads developers down paths which often end in security issues.  
    &lt;span class=&quot;jira-issue-macro resolved&quot; data-jira-key=&quot;MODPUBSUB-78&quot; &gt;
                &lt;a href=&quot;https://folio-org.atlassian.net/browse/MODPUBSUB-78&quot; class=&quot;jira-issue-macro-key issue-link&quot;  title=&quot;Insecure use of password for pub-sub user &quot; &gt;
            &lt;img class=&quot;icon&quot; src=&quot;https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10303?size=medium&quot; /&gt;
            MODPUBSUB-78
        &lt;/a&gt;
                                                    &lt;span class=&quot;aui-lozenge aui-lozenge-subtle aui-lozenge-success jira-macro-single-issue-export-pdf&quot;&gt;Closed&lt;/span&gt;
            &lt;/span&gt;
 for example.&lt;/p&gt;</comment>
                                                            <comment id="195672" author="557058:f8c71e3c-04a0-49c1-bae9-f8f88e253821" created="Mon, 17 May 2021 13:37:28 +0000"  >&lt;p&gt;Hi &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=557058%3Ab92c545f-a9eb-488e-9d26-fe6b921e4fbb&quot; class=&quot;user-hover&quot; rel=&quot;557058:b92c545f-a9eb-488e-9d26-fe6b921e4fbb&quot; data-account-id=&quot;557058:b92c545f-a9eb-488e-9d26-fe6b921e4fbb&quot; accountid=&quot;557058:b92c545f-a9eb-488e-9d26-fe6b921e4fbb&quot; rel=&quot;noreferrer&quot;&gt;Raman Auramau&lt;/a&gt;&#160;I was told you are working on this. Could you please clarify if this done or not and probably we need reassign this from Core Platform?&#160;&lt;br/&gt;
CC &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=557058%3Ab8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; class=&quot;user-hover&quot; rel=&quot;557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; data-account-id=&quot;557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; accountid=&quot;557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d&quot; rel=&quot;noreferrer&quot;&gt;Jakub Skoczen&lt;/a&gt;&lt;/p&gt;</comment>
                                                            <comment id="195674" author="557058:b92c545f-a9eb-488e-9d26-fe6b921e4fbb" created="Thu, 20 May 2021 10:39:32 +0000"  >&lt;p&gt;Hi &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=557058%3Af8c71e3c-04a0-49c1-bae9-f8f88e253821&quot; class=&quot;user-hover&quot; rel=&quot;557058:f8c71e3c-04a0-49c1-bae9-f8f88e253821&quot; data-account-id=&quot;557058:f8c71e3c-04a0-49c1-bae9-f8f88e253821&quot; accountid=&quot;557058:f8c71e3c-04a0-49c1-bae9-f8f88e253821&quot; rel=&quot;noreferrer&quot;&gt;Hanna Hulevich&lt;/a&gt; - Frankly I&apos;m not quite catching up on what this is about. &lt;br/&gt;
Is this about work with secrets? If so, than one of my current activities is really connected to secrets management proposal though it does not seem to be related to &lt;em&gt;System and Tenant Level Users&lt;/em&gt; topic.&lt;/p&gt;</comment>
                                                            <comment id="195676" author="557058:f8c71e3c-04a0-49c1-bae9-f8f88e253821" created="Thu, 20 May 2021 11:09:53 +0000"  >&lt;p&gt;Hi &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=557058%3Ab92c545f-a9eb-488e-9d26-fe6b921e4fbb&quot; class=&quot;user-hover&quot; rel=&quot;557058:b92c545f-a9eb-488e-9d26-fe6b921e4fbb&quot; data-account-id=&quot;557058:b92c545f-a9eb-488e-9d26-fe6b921e4fbb&quot; accountid=&quot;557058:b92c545f-a9eb-488e-9d26-fe6b921e4fbb&quot; rel=&quot;noreferrer&quot;&gt;Raman Auramau&lt;/a&gt;,&lt;br/&gt;
I was told by &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=70121%3A84bca0b8-4380-4d87-8a90-53e9133584f6&quot; class=&quot;user-hover&quot; rel=&quot;70121:84bca0b8-4380-4d87-8a90-53e9133584f6&quot; data-account-id=&quot;70121:84bca0b8-4380-4d87-8a90-53e9133584f6&quot; accountid=&quot;70121:84bca0b8-4380-4d87-8a90-53e9133584f6&quot; rel=&quot;noreferrer&quot;&gt;Mikhail Fokanov&lt;/a&gt;&#160;that you are working on it and this ticket should be assigned to you. &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=70121%3A84bca0b8-4380-4d87-8a90-53e9133584f6&quot; class=&quot;user-hover&quot; rel=&quot;70121:84bca0b8-4380-4d87-8a90-53e9133584f6&quot; data-account-id=&quot;70121:84bca0b8-4380-4d87-8a90-53e9133584f6&quot; accountid=&quot;70121:84bca0b8-4380-4d87-8a90-53e9133584f6&quot; rel=&quot;noreferrer&quot;&gt;Mikhail Fokanov&lt;/a&gt;&#160;could you please clarify? Thank you in advance!&lt;/p&gt;</comment>
                                                            <comment id="195677" author="557058:b92c545f-a9eb-488e-9d26-fe6b921e4fbb" created="Mon, 14 Jun 2021 13:06:32 +0000"  >&lt;p&gt;I&apos;m making the ticket unassigned as for now since I&apos;m not working on it and actually is not aware about the context. Potentially I can take a look some time but currently have no capacity for that.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10003">
                    <name>Relates</name>
                                            <outwardlinks description="relates to">
                                        <issuelink>
            <issuekey id="56621">RMB-747</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="79900">FOLIO-1935</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="56780">RMB-743</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="79899">FOLIO-1786</issuekey>
        </issuelink>
                            </outwardlinks>
                                                                <inwardlinks description="relates to">
                                        <issuelink>
            <issuekey id="39188">EDGINREACH-2</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="64755">MODOAIPMH-243</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="31353">MODINREACH-72</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10000" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummarycf">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10057" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Development Team</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10144"><![CDATA[Core: Platform]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10019" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0|hzx3o9:hzzbr</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10020" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="473">CP: sprint 119</customfieldvalue>
    <customfieldvalue id="378">CP: sprint 117</customfieldvalue>
    <customfieldvalue id="379">CP: sprint 118</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10044" key="com.atlassian.jira.plugin.system.customfieldtypes:float">
                        <customfieldname>Story Points</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>5.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10024" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>[CHART] Date of First Response</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 27 Oct 2020 18:19:29 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10025" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>[CHART] Time in Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>