Uploaded image for project: 'mod-user-import'
  1. mod-user-import
  2. MODUIMP-40

Permissions error when loading users

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • P1
    • Resolution: Done
    • 3.3.0
    • 3.3.1, 3.4.0
    • None
    • CP: sprint 105
    • 1
    • Core: Platform
    • Q3 2020 Hot Fix #1
    • Duke, MO State

    Description

      Overview:

      When attempting to load users with mod-user-import, we get an error message:

      Failed to process user search result. Error message: Failed to process user search response. {\"endpoint\":\"/users?query=externalSystemId%3D%3D%281096023%29&limit=2&offset=0&orderBy=externalSystemId&order=asc\",\"statusCode\":403,\"errorMessage\":\"Access requires permission: users.collection.get\"

      Steps to Reproduce:
      Using https://folio-honeysuckle-okapi.folio-dev.folio.org (Honeysuckle reference environment Okapi instance):

      1. Log in using the diku_admin credentials
      2. POST to /user-import with payload using token from above:
      {
  "deactivateMissingUsers": false,
  "updateOnlyPresentFields": true,
  "totalRecords": 1,
  "users": [
    {
      "username": "foobar-import",
      "externalSystemId": "1096023",
      "active": true,
      "expirationDate": "2025-05-15T04:00:00.000Z",
      "patronGroup": "undergrad",
      "personal": {
        "lastName": "Foobar",
        "firstName": "Eunseong",
        "email": "foobar@gmail.com",
        "phone": "+1 999 999 9999",
        "preferredContactTypeId": "email",
        "addresses": []
      },
      "customFields": {}
    }
  ]
}

      Expected Results:

      User is created or overlaid

      Actual Results: 

      {
    "message": "Users were imported successfully.",
    "createdRecords": 0,
    "updatedRecords": 0,
    "failedRecords": 1,
    "failedUsers": [
        {
            "username": "foobar-import",
            "externalSystemId": "1096023",
            "errorMessage": "Failed to process user search result. Error message: Failed to process user search response. {\"endpoint\":\"/users?query=externalSystemId%3D%3D%281096023%29&limit=2&offset=0&orderBy=externalSystemId&order=asc\",\"statusCode\":403,\"errorMessage\":\"Access requires permission: users.collection.get\"}"
        }
    ],
    "totalRecords": 1
}

      Additional Information:

      mod-authtoken log shows that no permissions are included for the user search:

      SEVERE: [](user permissions) nor [](module permissions) do not contain users.collection.get

      The searches that mod-user-import does before the search for the user (for addresstypes, groups, etc.) do succeed.

      Interested parties:
      enettifee karen.newbery md331

      TestRail: Results

        Attachments

          Activity

            People

              adam Adam Dickmeiss (Inactive)
              wayne Wayne Schneider
              Votes:
              0 Vote for this issue
              Watchers:
              16 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                TestRail: Runs

                  TestRail: Cases