User role required even the role is granted

User role required even the role is granted

  

Hi all:
I encountered an issue on user role. 


Background: 

1. I created a role X under one module A, later I need manage this role across platform, so I deleted it from module A, and recreate it under module B with same role name X. 

2. I need a backdoor admin access such that I can login as User S with Role X in module C (only role X can access the screen).


Case:

1. S can login to Module C without any issue.

2. If I use backdoor to login as S into C, first time it's fine, however if I try access any other page of module C, it will raise exception that X role required, then i am logged out.


Additional info:
1. S has role X.

2. I cleared role table so old role X under A is removed.

3. As admin, admin doesn't have role X.


Please help on how to resolve the role required exception. Thank you!

Hi Yi,

Not sure but have you tried to provide explicit role to that user. Before jump to that page, at preparation you could check Role if user does not have role assign then use another Role action Grant Role it will explicit provide role to that user.  It could be one alternative. 




-Hitesh

Hi Hitesh:

The exception happens before hit into preparation. And Yes, the user has been granted the role, as this user can login into app.

Hitesh Maran wrote:

Hi Yi,

Not sure but have you tried to provide explicit role to that user. Before jump to that page, at preparation you could check Role if user does not have role assign then use another Role action Grant Role it will explicit provide role to that user.  It could be one alternative. 




-Hitesh



Hi Yi Ouyang,

From what I can understand, using the regular Login page with user S works without issues. Can you explain what do you mean by "a backdoor admin access such that I can login as User S with Role X in module C"?


Hi Jorge:

This is one of the requirement i need to meet. So in order to achieve it, I created a new module SwitchUser(SU) that stores the original user id in SU's session, and then use S's user id to login directly by using Login function from System component. Thus the function for login or reverse login to original user is store in SU.


Jorge Martins wrote:

Hi Yi Ouyang,

From what I can understand, using the regular Login page with user S works without issues. Can you explain what do you mean by "a backdoor admin access such that I can login as User S with Role X in module C"?




Solution

There's only one session for all the applications running in your environment (all Session variables are stored in the same context, no matter which module they are defined).

So how (when?) are you reverting back to the original user?

Solution

Hi Jorge:

Reverting back to the original user is manually triggered by user, which will call the original user Id stored in SwitchUser(SU).

In my case, this function is not called even though it's in header and systems auto logged me out. This happens when I try to access other screen as S. 


Jorge Martins wrote:

There's only one session for all the applications running in your environment (all Session variables are stored in the same context, no matter which module they are defined).

So how (when?) are you reverting back to the original user?



Hello Yi Ouyang,

can you provide a sample OML where you can see that behaviour?

Hi Jorge:


With my sup's help, i found out the bug, it was hidden function defined by other colleague which actually used log out function there. Thank you for your help.


Jorge Martins wrote:

Hello Yi Ouyang,

can you provide a sample OML where you can see that behaviour?