You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
An issue occurs if for the same hash a subject is part of another study already, a study where the current user does not have access. The findByIdentifier returns null, because of the Access denied on the server and ShUp considers a new subject to create. This should be fixed. Afterwards exceptions occur on multiple subjects to return in jpa repository for a single result.
The text was updated successfully, but these errors were encountered:
…r fix for GitHub issue fli-iam#2337
5 test cases: profile OFSEP, adapt dev profile for OFSEP
1) new subject not existing with hash in entire database
test: OK, new subject created, new exam
2) subject exists with hash in study-no-access
test: OK, new subject created, new exam
3) subject existing with hash in another accessible study
test: OK, existing subject used, new exam created in other study
4) subject existing with hash in importing study, new exam
test: OK, existing subject used, new exam created in same study
5) subject existing with hash in importing study, existing exam
test: OK, existing subject used, existing exam used, double amount of series
Solution:
-- API interface not changed, to avoid errors with existing ShUp already installed, that send only the
identifier hash string
-- Access denied exception avoided, as now search with identifier only in studies
with corresponding rights, what leads to the creation of a new subject in study B,
with the same hash, if the subject exists already in study A, but the user has no
rights on study A.
-- at the moment of findByIdentifier (click on import, in imports to server tab, before opening ImportDialog)
we do not know, in which study the user wants to import into (so, I could not send a studyId anyway)
-- Removal of rights check in service api (PostAuthorize), as only searching with allowed studies
-- Removal of rights check (PostAuthorize) on Api as well, as only using allowed studies
-- All 5 test cases executed for profile OFSEP locally (dev profile modified therefore)
to be tested in center, where 4 subjects with the same hash have wrongly been generated, only one should now be the case; as soon as the OSIV PR is deployed in prod
An issue occurs if for the same hash a subject is part of another study already, a study where the current user does not have access. The findByIdentifier returns null, because of the Access denied on the server and ShUp considers a new subject to create. This should be fixed. Afterwards exceptions occur on multiple subjects to return in jpa repository for a single result.
The text was updated successfully, but these errors were encountered: