Allow managed technical users to be shown in the "Technical User Management" of the service provider

[Sebastian-Wurm]

Description

As a BPDM architect, I want that the managed technical users for Portal roles "BPDM Sharing Input Manager", "BPDM Sharing Output Consumer", which are created automatically when a company admin subscribes to the BPDM Sharing service, are accessible by the BPDM operator, so that the BPDM operator can create the corresponding EDC assets for the BPDM Gates of each BPDM Sharing Member. Same applies for the BPDM Golden Record service and the technical user for Portal role "BPDM Pool Consumer" and the corresponding asset.

Acceptance Criteria

• [ ] it MUST be possible to configure per each role for automatic creation of (managed) technical users,
  • that the managed technical user MUST be shown in the "Technical User Management" of the service provider
  • and, consequently, that the managed technical user MUST NOT be shown in the "Technical User Management" of the company admin
• [ ] it MUST not be possible to create roles configured in this way manually by the company admin
• [ ] "BPDM Sharing Input Manager" and "BPDM Sharing Output Consumer" MUST be configured in that way
• [ ] "BPDM Pool Consumer" MUST be configured in that way

Additional Information

• see also #175

Out of Scope

• the same could also apply for BPDM value-added services that connect to BPDM Gate and Pool via the EDC
• this is an additional requirement which needs to be filed against portal-iam from each BPDM value-added service separately

[evegufy]

Hi @Sebastian-Wurm what you describe is not related to https://github.com/eclipse-tractusx/sig-release/issues/751, so please remove the link.

If I understand this correctly, I assume this functionality is already in place, at least for the biggest part and this issue is more the result of a misunderstanding in regards to processes.

I suggest you setup a call for clarification.

cc: @MaximilianHauer

[nicoprow]

Hi @Sebastian-Wurm what you describe is not related to eclipse-tractusx/sig-release#751, so please remove the link.

If I understand this correctly, I assume this functionality is already in place, at least for the biggest part and this issue is more the result of a misunderstanding in regards to processes.

I suggest you setup a call for clarification.

cc: @MaximilianHauer

@Sebastian-Wurm I agree here with @evegufy that there is no additional functionality needed for setting up a new BPDM marketplace service to obtain a user that has the rights of "BPDM Sharing Output Consumer". This is something the operator can already do in the Portal and belongs to an initial setup process, described here: https://github.com/eclipse-tractusx/bpdm/blob/main/INSTALL.md#portal-configuration

However, the other requirements generally still stand as these are gaps between BPDM and the current Portal process:

1. We need multiple technical users with different roles for one app/service subscription
2. The created technical users of our BPDM subscription should not visible to the subscribing company, only to the BPDM operating company
3. In general, BPDM technical users should not be creatable for any companies that are not the BPDM operator

Unless we tackle these gaps somehow, a BPDM operator can only do workarounds with the current process.

In any case, I believe these requirements should put in a sig-release issue as they constitute bigger requirements that will affect at least Portal behaviour.

[evegufy]

close with WON'T DO as explained in https://github.com/eclipse-tractusx/portal-iam/issues/168#issuecomment-2274771504

[Sebastian-Wurm]

@evegufy : Let's leave this open until the three separate requirements have been created, as agreed in our meeting.

[MaximilianHauer]

moving it to NEW USER REQUEST that it is not in the scope of devs.