Hi, Thanks for the pointer. We did trial and error with entitlements for the Approver role. We found that unless and until we gave Security_Question_XXX (CRUD) entitlements to the approver role, the approver is not able to view the user details while approving the request. This should be termed a bug, as the approver should have just USER_READ entitlement to view the user details, SECURITY_QUESTION_XX are not required as such for approval.
Regards, Suresh On Sat, Oct 11, 2014 at 11:17 AM, Francesco Chicchiriccò < [email protected]> wrote: > On 10/10/2014 11:12, Suresh Ajja wrote: > > hi, > > We are running 1.2.0 Syncope > > The scenario run is as below: > a. Anonymous user creates a user_create request through self registration > b. It goes to the Approver for approval. > Approver clicks on Edit User to view the user details for making an > approval decision. > Error displays as attached. > c. The same when Admin logs in and tries to view user details, he is able > to view without any error. > > > Below are the entitlements provided to Approver: > > USER_LIST,ROLE_101,WORKFLOW_FORM_CLAIM,USER_VIEW,USER_READ,ROLE_200,WORKFLOW_FORM_READ,WORKFLOW_FORM_SUBMIT,USER_CREATE,ROLE_102,WORKFLOW_FORM_LIST,USER_UPDATE > > Are we missing any entitlement to Approver, for him to view user details > while approving. > > > Hi Suresh, > I think you're heading in the right direction, there should be some > missing entitlement. > > I won't probably be able to give a try to your scenario for the next days: > could you please take a look at the exceptions in the core-rest.log file? > There should be something more useful there. > > Regards. > > -- > Francesco Chicchiriccò > > Tirasa - Open Source Excellencehttp://www.tirasa.net/ > > Involved at The Apache Software Foundation: > member, Syncope PMC chair, Cocoon PMC, Olingo > PMChttp://people.apache.org/~ilgrosso/ > >
