Details

    • Sprint:
      Team D Sprint 6
    • Team:
      Team D
    • Epic Link:
    • Story Points:
      2
    • Max. hours:
      9
    • Min. hours:
      7
    • Technical tasks:
      Hide

      -

      Show
      -

      Description

      Steps to reproduce

      When a user is added without any groups (or groups without roles) it can't login:

      • Log in as admin
      • Create a new user, leave all groups unchecked
      • Log out
      • Try to login as the new user
        --> login does not work

      Cause

      • In INTEGRATED-1348 Closed a new role is added to the token. This role is now required to log into Integrated
      • When the users doesn't have roles the eventlistener isn't fired
      • https://symfony.com/doc/current/security.html#roles "Make sure every user has at least one role, or your user will look like they're not authenticated. A common convention is to give every user ROLE_USER"

      Solution

      • The best solution would be to add a ROLE_USER when the "Enable login" is enabled
      • Another option is to force ROLE_USER in the database for every user, but I don't like that solution

        Attachments

          Issue links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                marijn Marijn Otte
                Code reviewer:
                Michael Jongman (Inactive)
                Developer:
                Ger Jan van den Bosch (Inactive)
                Product owner:
                Marijn Otte
                Client:
                Integrated Marijn
                Refiner:
                API
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  OTM