[INTEGRATED-1371] Spike: users without a role can't log in - e-Active JIRA-OTM

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: integrated-0.9
Component/s: None
Labels:

Sprint:
Team D Sprint 6
Team:
Team D
Epic Link:
Website login
Story Points:
2
Max. hours:
9
Min. hours:
7
Technical tasks:

Hide

-

Show
-

Description

Steps to reproduce

When a user is added without any groups (or groups without roles) it can't login:

Log in as admin
Create a new user, leave all groups unchecked
Log out
Try to login as the new user
--> login does not work

Cause

In INTEGRATED-1348 Closed a new role is added to the token. This role is now required to log into Integrated
When the users doesn't have roles the eventlistener isn't fired
https://symfony.com/doc/current/security.html#roles "Make sure every user has at least one role, or your user will look like they're not authenticated. A common convention is to give every user ROLE_USER"

Solution

The best solution would be to add a ROLE_USER when the "Enable login" is enabled
Another option is to force ROLE_USER in the database for every user, but I don't like that solution

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

fe34e82d-da6e-4d74-bae4-8c53dce2d378.mp4
128 kB
29/Jun/18 9:33 AM

Issue links

is bug/finetuning caused by

INTEGRATED-1348 Doctrine tries to persist virtual roles - inject roles to token instead of user

Closed

Activity

People

Assignee:

Unassigned

Reporter:

Marijn Otte

Code reviewer:

Michael Jongman (Inactive)

Developer:

Ger Jan van den Bosch (Inactive)

Product owner:

Marijn Otte

Client:

Integrated Marijn

Refiner:

API

Votes:

0 Vote for this issue

Watchers:

0 Start watching this issue

Dates

Created:

29/Jun/18 9:33 AM

Updated:

11/Jul/18 1:50 PM

Resolved:

11/Jul/18 1:50 PM

OTM