ppazos / cabolabs-ehrserver

Open platform to manage and share standardized clinical data, designed by @ppazos at CaboLabs Health Informatics.
https://cabolabs.com
Apache License 2.0

Some views have false permissions or are missing #1079

Closed aelimport closed 4 years ago

aelimport commented 4 years ago

Here I tried to reset the password for a new user: Error: Page Not Found (404) Path: /user/resetPasswordRequest/5

The favicon is missing when I try to create new Account Error: Page Not Found (404) Path: /favicon.ico

Trying to view an existing Role: http://localhost:8090/role/show/1 Failed to load resource: the server responded with a status of 500 ()

And these views have false permissions: From template view trying to open the template indexes Error: access denied Path: /operationalTemplate/items

From template view trying to open the archetype indexes Error: access denied Path: /operationalTemplate/archetypeItems or

From logs view trying to sort the logs by column Error: access denied Path: /activityLog/index

ppazos commented 4 years ago

@aelimport these two are fixed in master:

From template view trying to open the template indexes Error: access denied Path: /operationalTemplate/items

From template view trying to open the archetype indexes Error: access denied Path: /operationalTemplate/archetypeItems or

aelimport commented 4 years ago

Here is another one

Error: access denied Path: /operationalTemplate/deactivate

On trying to deactivate the opt.

The two fixed ones seem to work now.

ppazos commented 4 years ago

thanks @aelimport will fix it ASAP

ppazos commented 4 years ago

@aelimport can you check if the current master branch is working for you?

aelimport commented 4 years ago

I updated it today to the recent master commit. Now I'm getting some unspecific behavior if I try to create a new user. If I create a new user and check it enabled, it creates the user, but in the view and in the settings the enabled checkbox is off. If I try to edit the settings and enable it again, it says (translated): "The property [password] from type [class com.cabolabs.security.User] with the value [null] is invalid."

If I try to reset the password with the link sent to my email address I just get to the dashboard and nothing happens. In the console I get the following messages:

```
2020-07-28 06:40:38.356 DEBUG c.c.s.stateless.StatelessInterceptor : stateless interceptor before: c:'auth' a:'resetPassword'
2020-07-28 06:40:38.357 DEBUG c.c.s.stateless.StatelessInterceptor : not stateless secured
2020-07-28 06:40:38.370 DEBUG c.c.s.stateless.StatelessInterceptor : stateless interceptor before: c:'app' a:'index'
2020-07-28 06:40:38.370 DEBUG c.c.s.stateless.StatelessInterceptor : not stateless secured
2020-07-28 06:40:38.425 DEBUG c.c.ehrserver.i18n.LangInterceptor : lang: de
2020-07-28 06:40:38.655 DEBUG c.c.s.stateless.StatelessInterceptor : stateless interceptor before: c:'notification' a:'newNotifications'
2020-07-28 06:40:38.656 DEBUG c.c.s.stateless.StatelessInterceptor : not stateless secured
2020-07-28 06:40:38.667 DEBUG c.c.ehrserver.i18n.LangInterceptor : lang: de
```

ppazos commented 4 years ago

An active user should have a password set, that is an internal rule, since without a password they can't log in; if they can't log in, they can't be active. The passwords should be set by the users.

aelimport commented 4 years ago

Yes, but the user can not set the password. If I click the link to reset the password, which I get in the email after creation, it just redirects to the dashboard without any error in the browser. Just these messages in the console. I do not see any other possibility to enter the password (except the allow_web_user_register: true property I've not tested yet).

aelimport commented 4 years ago

Alright, I've found out I need to log out to be able to reset the password. If another user is already logged in, I do not get the password reset view for the new user. And if I reset the password I still get the error:

Error: Page Not Found (404) Path: /login/auth

But the password was set then and I can login if I navigate to the main view.

ppazos commented 4 years ago

@aelimport yes, when you create the user you are acting as an admin, creating a user for another person. If you want, for testing purposes, to reset this user's password, you need to logout from the admin user since you are really acting as another person.

That error is due to an old URL redirect. I changed most of the user/auth related URLs in v2.x and some wrong URLs are still there; I fixed some, that one I missed. It's an easy fix, I'll try to test/fix ASAP.

aelimport commented 4 years ago

I found another view that is not accessible: Error: access denied Path: /organization/generateApiKey

and as already mentioned on gitter this one: Error: access denied Path: /activityLog/index

aelimport commented 4 years ago

In the Roles view, if I select some Role, the content is always empty. Should there be some content, like users that got that role?

ppazos commented 4 years ago

@aelimport when I'm logged in as an admin, in the role/show I see the role information, it's there, it is just two fields.

[Screenshot 2020-07-30: Role details]

aelimport commented 4 years ago

Oh, I see. It looked like there was more information, like: which users got this role.

ppazos commented 4 years ago

@aelimport that info is in the users view.