Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-5914

Role is still showing as assigned in effectiveRoles attribute on query-all output if role is unassigned via the admin UI


    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: OpenIDM 4.0.0, OpenIDM 4.5.0, OpenIDM 5.0.0
    • Fix Version/s: None
    • Component/s: Module - Roles
    • Support Ticket IDs:


      If a role is assigned to a user using the openidm/managed/user endpoint and then subsequently deleted via the OpenIDM Admin UI then the role is present in the effectiveRoles attribute when using managed/user?_queryId=query-all but not when getting the user individually using managed/user/a8...5c

      To reproduce:

      0). Add a role to a user:

      curl --header "X-OpenIDM-Username: openidm-admin" --header "X-OpenIDM-Password: openidm-admin" --header "Content-Type: application/json" --header "If-Match: *" --request PATCH --data '[{"operation": "replace", "field": "/roles/-", "value": {"_ref" : "managed/role/bc...2b"}}]' "http://localhost:8081/openidm/managed/user/a8...5c"

      1). Use the OpenIDM 4 Admin UI and remove the role assignment from the user.

      2). Get the individual user:

      curl --header "X-OpenIDM-Username: openidm-admin" --header "X-OpenIDM-Password: openidm-admin" --request GET "http://localhost:8081/openidm/managed/user/a8...5c"

      Note the role is not present as expected.

      3). Get all user objects:

      curl --header "X-OpenIDM-Username: openidm-admin" --header "X-OpenIDM-Password: openidm-admin" --request GET "http://localhost:8081/openidm/managed/user?_queryId=query-all"

      Note the role is still present in effectiveRoles.

      Expected behaviour:

      The content of effectiveRoles when getting the user individually or when using query-all should be consistent.


          Issue Links



              • Assignee:
                dhogan Dirk Hogan
                andy.itter Andy Itter
              • Votes:
                0 Vote for this issue
                7 Start watching this issue


                • Created: