Uploaded image for project: 'mod-user-import'
  1. mod-user-import
  2. MODUIMP-40

Permissions error when loading users

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: P1
    • Resolution: Done
    • Affects Version/s: 3.3.0
    • Fix Version/s: 3.3.1, 3.4.0
    • Labels:
      None
    • Template:
      Standard Bug Write-Up Format
    • Sprint:
      CP: sprint 105
    • Story Points:
      1
    • Development Team:
      Core: Platform
    • Release:
      Q3 2020 Hot Fix #1
    • Affected Institution:
      Duke, MO State

      Description

      Overview:

      When attempting to load users with mod-user-import, we get an error message:

      Failed to process user search result. Error message: Failed to process user search response. {\"endpoint\":\"/users?query=externalSystemId%3D%3D%281096023%29&limit=2&offset=0&orderBy=externalSystemId&order=asc\",\"statusCode\":403,\"errorMessage\":\"Access requires permission: users.collection.get\"
      

      Steps to Reproduce:
      Using https://folio-honeysuckle-okapi.folio-dev.folio.org (Honeysuckle reference environment Okapi instance):

      1. Log in using the diku_admin credentials
      2. POST to /user-import with payload using token from above:
      {
        "deactivateMissingUsers": false,
        "updateOnlyPresentFields": true,
        "totalRecords": 1,
        "users": [
          {
            "username": "foobar-import",
            "externalSystemId": "1096023",
            "active": true,
            "expirationDate": "2025-05-15T04:00:00.000Z",
            "patronGroup": "undergrad",
            "personal": {
              "lastName": "Foobar",
              "firstName": "Eunseong",
              "email": "foobar@gmail.com",
              "phone": "+1 999 999 9999",
              "preferredContactTypeId": "email",
              "addresses": []
            },
            "customFields": {}
          }
        ]
      }
      

      Expected Results:

      User is created or overlaid

      Actual Results:

      {
          "message": "Users were imported successfully.",
          "createdRecords": 0,
          "updatedRecords": 0,
          "failedRecords": 1,
          "failedUsers": [
              {
                  "username": "foobar-import",
                  "externalSystemId": "1096023",
                  "errorMessage": "Failed to process user search result. Error message: Failed to process user search response. {\"endpoint\":\"/users?query=externalSystemId%3D%3D%281096023%29&limit=2&offset=0&orderBy=externalSystemId&order=asc\",\"statusCode\":403,\"errorMessage\":\"Access requires permission: users.collection.get\"}"
              }
          ],
          "totalRecords": 1
      }
      

      Additional Information:

      mod-authtoken log shows that no permissions are included for the user search:

      SEVERE: [](user permissions) nor [](module permissions) do not contain users.collection.get

      The searches that mod-user-import does before the search for the user (for addresstypes, groups, etc.) do succeed.

      Interested parties:
      Erin Nettifee Karen Newbery Mark Deutsch

        TestRail: Results

          Attachments

            Activity

              People

              Assignee:
              adam Adam Dickmeiss
              Reporter:
              wayne Wayne Schneider
              Votes:
              0 Vote for this issue
              Watchers:
              16 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  TestRail: Runs

                    TestRail: Cases