eclipse-tractusx / portal-iam

IAM - Keycloak instances
Apache License 2.0

Add VIEW_IDP to Business Admin Role #178

Open MaximilianHauer opened 2 months ago

MaximilianHauer commented 2 months ago

Description

Currently the Business Admin does have roles to create/add users, but during this process the role VIEW_IDP is needed, as the frontend is checking if the company is currently undergoing a transition between two IdPs. If this is the case, the user creation would be blocked. To enable the Business Admin to proceed with the process, we would need to add the role view_idp.

Acceptance Criteria

Additional Information

typecastcloud commented 2 months ago

Hi @Phil91 @MaximilianHauer, I was just wondering if the Business Admin is supposed to be able to add/remove app users for subscribed apps. I think they need modify_user_account and view_client_roles for that.

MaximilianHauer commented 2 months ago

@typecastcloud There is no logic to add users for certain apps/services. As soon as the app is subscribed via the "subscribe_apps" role, the whole company can access it.

typecastcloud commented 2 months ago

> @typecastcloud There is no logic to add users for certain apps/services. As soon as the app is subscribed via the "subscribe_apps" role, the whole company can access it.

You are mistaken.

User Management -> Access Management -> Select subscribed app (here the GET api/administration/user/owncompany/roles/apps endpoint is called, requiring view_client_roles) -> Add role -> Search and Select Users -> Confirm -> Add Roles -> Confirm Selected Roles (here PUT api/administration/user/owncompany/users/{id}/apps/{id}/roles is called, requiring modify_user_account)

I was just wondering if the Business Admin should be able to do this.

MaximilianHauer commented 2 months ago

Based on the last discussions, the user story was adjusted.

Phil91 commented 2 months ago

> Based on the last discussions, the user story was adjusted.

PR was already updated as well.

MaximilianHauer commented 1 month ago

Waiting for resetting of the INT env until it should be tested.