Hello Márta, I have reviewed the code and it is Ok for the create client maker-checker action.
Is there a way to include in the integration test case some coverage for Loan, Savings, Transaction (disbursement, withdrawal/deposit)? This is because I think that this is an important feature enhancement. Regards Victor Romero El dom, 31 dic 2023 a las 8:26, Márta Jankovics (<marta.jankov...@dpc.hu>) escribió: > Hi All, > > Happy New Year! > > I’ve fixed the issue of maker-checker process was not working. > Ticket for this issue: https://issues.apache.org/jira/browse/FINERACT-1977 > Issue detailed: Even if the global configuration 'maker-checker' was > enabled, and the action permission was marked as can_maker_checker true, > the action was performed immediately and the result saved into the > database. Although the command itself was marked with status ‘Awaiting > approval’. When the command was approved, the action got performed again, > and a new duplicated entity (for example create client) was saved into the > database. > > With the PR https://github.com/apache/fineract/pull/3649, this issue has > fixed. This PR is still open, please check, review, comment if you have any > thoughts. > > Additionally there was another request regarding the maker-checker > concept, that the same user should not be able to check his own commands. > https://issues.apache.org/jira/browse/FINERACT-1980 > > The above PR also has the solution for this request. To remain backward > compatible, I’ve introduced a new global configuration: ' > enable-same-maker-checker’ > with the default enabled value: false. Default is false, because I think > that the very essence of the maker-checker process is that it requires 4 > eyes (2 different users). > Please note, that you can still enable this configuration and continue > allowing to check (approve/reject/delete) the commands by the same maker > user. > > There is one exception to this rule, if the checker user is a ‘Checker > super user’, eg. he has permission to ‘CHECKER_SUPER_USER’ or > ‘ALL_FUNCTIONS’, he can still check his own commands. > Additionally, since these special users have the right to check the > command anyway, already at the maker step (if the maker user is a checker > super user) we perform the action. The command will have both the maker and > checker users and dates set, but the status will be PROCESSED. > This is a great possibility to perform maker-checker permitted actions in > batch, initiated by a trusted client. > > Regards, > Marta Jankovics >
