[GRP-5400] Template V2 tests fail: "gshTemplateOwnerType is a required field" Created: 04/Apr/24 Updated: 04/Apr/24 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 4.12.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
No idea what this is. I have set the owner type: Run template owner type: group |
[GRP-5399] SCIM attributes for ServiceNow Created: 03/Apr/24 Updated: 03/Apr/24 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, daemon, provisioning, UI |
Affects Version/s: | 5.9.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Michael Gettes (ufl.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
For ServiceNow we need the following attributes provisioned based on the documentatation at https://docs.servicenow.com/bundle/washingtondc-api-reference/page/integrate/inbound-rest/concept/scim-api.html name.givenName name.familyName emails.value phoneNumbers.value userName employeeNumber (urn:ietf:params:scim:schemas:extension:servicenow:2.0:User) manager.displayName (urn:ietf:params:scim:schemas:extension:servicenow:2.0:User) manager.value (urn:ietf:params:scim:schemas:extension:servicenow:2.0:User) department.name (urn:ietf:params:scim:schemas:extension:servicenow:2.0:User) |
[GRP-5380] Upgrade jquery version Created: 19/Mar/24 Updated: 19/Mar/24 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
jQuery 1.10.2 has known vulnerabilities |
[GRP-5364] allow read-only users to have full access to grouper Created: 12/Mar/24 Updated: 12/Mar/24 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 4.11.2, 5.8.6 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Michael Gettes (ufl.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Michael Gettes 2 hours ago is there an ability to create a “read-only” version of the grouper sysadmins? I add someone to sysadminReadersGroup and sysadminViewersGroup and they can’t view daemons or other config stuff that the sysadmins can see. Chris Hyzer 2 hours ago thats the intent of those, but we need to make adjustments. if you want to make a jira and we all agree we can start allowing more part of grouper to be seen by those folks...so for instance daemons, maybe sysadminViewers can see them but not change them? We recently changed things so that our normal NetID accounts aren't in the sysadmingroup anymore (instead they are in the sysadminReadersGroup) and we have separate privileged credentials that are in the sysadmingroup now. Anyways, by doing that, I've noticed this issue as well and would also love to see it resolved |
[GRP-5311] ablity to clone an existing GSH template into a new GSH template. ( copy template A into new template B) Created: 17/Feb/24 Updated: 17/Feb/24 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI, WS |
Affects Version/s: | 4.9.4 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The list of "Miscellaneous > GSH templates" actions buttons should have a "copy to new GSH template" option. It should open the '.../grouper/grouperUi/app/UiV2Main.index?operation=UiV2GshTemplateConfig.addGshTemplate' UI with all of the values from the template that the copy was started from. ( Except for the Config ID value The use would need to pick a new value for that. ) Maybe an intermediate UI page would be needed to get the user to supply the new Config ID? But I hope that would not be necessary. This would make it easier to "Clone" and "test a new idea, or change a few things" without needing to destroy/change the original template and all from the UI instead of exporting properties and such. I guess you might even make a GSH template to list existing GSH templates and prompt the user for the new Config ID and let a GSH template copy the properties from the existing template into a new template via the Grouper properties API? ( I guess that might be another way to achieve this goal. ) |
[GRP-5309] Privileges tab to have priv items in More tab Created: 12/Feb/24 Updated: 12/Feb/24 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 4.10.3 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Michael Gettes (ufl.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
From slack: https://internet2.slack.com/archives/C7V0UQDJ4/p1707755500572869 The privileges tab and the “More” tab to the right of Privileges are mostly all about Privileges. Could/Should the Privileges tab also display the privileges related items from the More tab? I have received questions multiple times from people who didn’t know about applying inherited privs simply because it was hidden in the More tab and not within Privileges. I am NOT suggesting to move the items as this might break local documentation already written. I am only suggesting to copy the priv related items into the Privileges tab page to increase the likelihood of a user finding what they need on their own. Thanks for considering this request. |
[GRP-5279] Browse Folders "sync" button should expand the folder that is finally selected Created: 23/Jan/24 Updated: 23/Jan/24 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 4.9.3 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
4.9.3 |
Attachments: | image-2024-01-22-22-24-11-169.png image-2024-01-22-22-24-32-694.png image-2024-01-22-22-25-26-874.png |
Description |
When clicking the "sync button" in the "Browse folder" UI element. The folder that is currently selected in the "work area" should be "opened/expanded" in the Browse Folder display instead of being "closed/collapsed".
incorrect ( current behavior ) |
[GRP-5276] Template V2 GshTemplateTestExec should know its own configId, shouldn't need to explicitly define it Created: 22/Jan/24 Updated: 22/Jan/24 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | 4.9.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
When a gsh V2 template is created, it should know its own configId. Tests in the class should use it by default. You shouldn't need to tell the running template what configId kicked it off. And is manually set it and it runs a different template, is this a feature at all, or something you don't want?
|
[GRP-5274] Allow dashes in ConfigIds Created: 21/Jan/24 Updated: 21/Jan/24 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | 2.5.30, 2.6.0, 5.0.0, 4.0.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2024-01-21-16-41-31-989.png |
Description |
When creating a provisioner, gsh template, daemon job, etc., the value for the configId is checked for syntax. It only allows /^[a-zA-Z0-9_]+$/, which is alphanumeric or underscore. Was there any technical reason why dashes are disallowed? They are perfectly legal in Java property keys. It's a confusion for users since they usually assume dashes are ok, until they try to save and get the error.
|
[GRP-5266] Scripted group editor has link to Data field dictionary; opens in same window so loses editing Created: 16/Jan/24 Updated: 16/Jan/24 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-5265] Data field dictionary needs examples for all types, not just entity.hasAttribute Created: 16/Jan/24 Updated: 16/Jan/24 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 5.7.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Data fields assigned to entities: "Use this in an ABAC scripted group, e.g. ${entity.hasAttribute('aliasName')}" (this is ok)
Data row: hr_positions: no documentation; need to guess the syntax or look at the crashplan demo on the wiki
Global data fields: "Use this in an ABAC scripted group" (no syntax represented)
Data fields assigned to groups: "Use this in an ABAC scripted group" (no syntax represented)
|
[GRP-5264] No UI hints how to get data from a data field provider Created: 16/Jan/24 Updated: 16/Jan/24 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 5.7.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
After looking through source code, it seems a full sync and incremental sync needs to be manually created? |
[GRP-5263] Can't run scripted group job from loader config, "Cant find grouper loader type of group: <groupName>" Created: 16/Jan/24 Updated: 16/Jan/24 |
|
Status: | Open |
Project: | Grouper |
Component/s: | daemon, UI |
Affects Version/s: | 5.7.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Result: flash text:
|
[GRP-5262] Add data provider query, subject source id should be drop down Created: 16/Jan/24 Updated: 16/Jan/24 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 5.7.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | screenshot-1.png |
Description |
|
[GRP-5222] Non-root error for provisioning edit from provisioner row action (editProvisioningOnGroup2) Created: 30/Dec/23 Updated: 30/Dec/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 4.5.0, 5.3.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
When an ACL group (provisioner.{configId}.groupAllowedToAssign) is configured for a provisioner, and non-root users are put into it, they can edit the provisioning from the Provisioning actions menu. But if there is a provisioner listed, the Actions > Edit provisioning menu item returns an error: "Error: Cannot access provisioning., Problem calling method editProvisioningOnGroup2 on edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Provisioning".
|
[GRP-5219] Need jexl script test for provisioningEntityWrapper.isInGroup('...') Created: 27/Dec/23 Updated: 27/Dec/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | provisioning, UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
When testing out whether as script using ${provisioningEntityWrapper.isInGroup('xxx')} works, it needs an instance of GrouperProvisioningTranslator to create the cache map. I don't see a clear way to set this up using the script beans |
[GRP-5208] Paging config history with a filter clears the filter on next page Created: 21/Dec/23 Updated: 21/Dec/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
1) Go to Config history 2) Add a text filter that matches more than 50 values 3) Click next to go to the next 50 entries
Result: The filter is cleared. Confirmed by showing the total number of results on the second page, not the filtered number |
[GRP-5201] After editing a daemon config, return to daemon details, not the All Daemons page Created: 18/Dec/23 Updated: 18/Dec/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
When editing and saving changes to a daemon config, the user goes back to the All Daemons page and needs to find the daemon in the list again to get back to it. |
[GRP-5200] UI wizard for rules Created: 18/Dec/23 Updated: 18/Dec/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Managing rules via creating attribute assignments is tedious. There should be an easier way of setting them up. |
[GRP-4370] Move banner and footer into jsp includes Created: 21/Sep/22 Updated: 13/Dec/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chad Redman |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The banner in the Index jsp template currently allows only the customization of the logo. Installations may want to add more functionality, like the environment, Grouper version, special notices, etc. The footer also has hardcoded © {institutionName}; thus the only customization option is the institution name. They may not even want a copyright notice. If the institution wants more customization than that, the option is to fork the index.jsp page itself (there is a commonHead and commonBottom jsp, but these are for scripts and css). The risk is in technical debt of always watching for jsp changes to merge during upgrades, and of having a broken page if the change was not noticed. If the banner and footer were extracted and made into separate partials that were included during page build, it would be a smaller risk for the maintainer.
|
[GRP-5177] attestationDaysBeforeToRemind is not a default metadata attribute for attestation Created: 06/Dec/23 Updated: 06/Dec/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Jeffrey Williams (uncg.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Grouper 4.x |
Description |
When attestation is configured for a folder/group, the attestation attribute is assigned with a set of metadata attributes included based on user input. AttestationDaysBeforeToRemind is not included, nor is it readily apparent that it is set. Possible Steps to remediate: -Add "Days before reminders" row to Group Attestation - View attestation settings to display attestationDaysBeforeToRemind. -Update "Attention: this group's memberships need to be attested soon." to include the number of days before attestation is required". |
[GRP-5115] Report gsh scripts can't be >4000 characters Created: 10/Nov/23 Updated: 13/Nov/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 4.7.1 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Report type: GSH ERROR: value too long for type character varying(4000) UI Error:
|
[GRP-5070] Job log include elapsed time in something besides millisecond Created: 20/Oct/23 Updated: 20/Oct/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2023-10-20-13-07-55-396.png |
Description |
This request is just for convenience. Sometimes it's hard to tell how long something runs, especially when the numbers are large. It should be something friendly, like 2h 21m or 2d3h25m if it runs that long.
|
[GRP-5069] Remove "Attribute name for net ID" from subject source Created: 20/Oct/23 Updated: 20/Oct/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
This is a field that shows up in subject source configuration, but there is no explanation what a "net ID" is for. I had traced through the source code a while ago, and at that time it was only used in either the custom UI or a less common reporting setup. It would eliminate some confusion if it were just refactored to not use this custom net ID. It we do need some kind of preferred identifier, then maybe it just needs to be rebranded – renaming and adding a description. |
[GRP-5030] Can't add entitySubjectIdentifier attribute to local entity Created: 06/Oct/23 Updated: 11/Oct/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | 4.7.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Trying to add attribute etc:attribute:entities:entitySubjectIdentifier to a local entity per documentation in https://spaces.at.internet2.edu/display/Grouper/Grouper+local+entities. Result is:
The attribute assignment is being treated as if it's being added to a subject, not an entity. If I edit the assignment to allow it to be set for members, I can add the attribute. But then I can't add a value to it due to another error:
|
Comments |
Comment by Chad Redman [ 06/Oct/23 ] |
Also can't view the assignments once assigned.
Stacktrace (very long, it's all from the same single page view)
|
[GRP-5032] OWASP_CSRFTOKEN header has underscore, not passed along by nginx Created: 07/Oct/23 Updated: 07/Oct/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Trying to debug a Grouper UI error going to any page besides the main page. Comparing the browser headers vs. the ones seen by the server, the OWASP_CSRFTOKEN header is missing. There is an nginx front end forwarding to Grouper, but possibly another hop too. Internet searches suggest that nginx by default doesn't pass headers containing an underscore. See https://stackoverflow.com/q/17920949 . The fix is likely to configure nignx to allow underscores:
but I haven't tested this yet. Longer-term, if it's possible to change this header name to replace or remove the underscore, it means Grouper would work out of the box with nginx without customization. The header string is both in the Owasp configuration, javascript, and Java code, so it may not be a trivial change that end users can do. |
[GRP-4993] Add a notes field for attestation Created: 25/Sep/23 Updated: 25/Sep/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
As requested by a customer. Have a notes field when attesting a group. Maybe clicking the button expands to show a text field? It may be enough just to have it in the audit log, and the would see the notes in the audit history. |
[GRP-4991] Hide the Create group/Create folder button if the current user can't create any groups or folders Created: 25/Sep/23 Updated: 25/Sep/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
As requested by a customer. The button is confusing if the user isn't the manager of any groups or folders. |
[GRP-4990] Allow to add membership notes when adding a membership Created: 25/Sep/23 Updated: 25/Sep/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 4.6.0 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Similar to adding a start/end date on a new membership, have fields for membership attributes that can be added. The configuration can be similar to the Group editor page where you can configure which attributes show up. |
[GRP-4839] Add config options to restrict membership export Created: 10/Jul/23 Updated: 19/Jul/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
In order to prevent users from downloading a list of all employees, etc., have some way to restrict the export functionality. Options?
|
Comments |
Comment by Chad Redman [ 19/Jul/23 ] |
Other ideas after discussion:
|
[GRP-4846] Loader job action to clear a job stuck in the Started state Created: 12/Jul/23 Updated: 12/Jul/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI, WS |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
If a job is started but something happens and it exits without updating the status, it is stuck in the starting state in the loader log, and won't start again until restart (or until it gets reset in 10 minutes?). It would be good to clear out the state so it can restart normally, without needing to restart the whole daemon, or doing sql manipulation to clear out the stuck job from the log. Something available in the API and WS as well as the UI would be good for more options. |
[GRP-4796] configurable mood / theme music Created: 16/Jun/23 Updated: 16/Jun/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Liam Hoekenga (umich.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
CC: |
Jeffrey Williams (uncg.edu)
|
Description |
Grouper should support theme or mood music while in UI. It could be as simple as associating midi songs with certain activities, or as complicated as using AI to procedurally generate music appropriate for the population being managed. Maybe it plays a little jingle when a massive group import is completed, like when my dishwasher finishes a load of dishes? I feel that it could increase satisfaction in UAT. |
[GRP-4765] Daemon job history chart should show started jobs as an extended line Created: 23/May/23 Updated: 23/May/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
In the job history chart, a job in the started state shows a very narrow box. In reality, the job is potentially still running, so the line should extend to the present time, or until the next time the job ran. |
[GRP-4745] Subject diagnostics Long label "not used in the new UI" inaccurate Created: 09/May/23 Updated: 10/May/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | subject_name_appearance_in_ui.png |
Description |
The format for subject names for the Member Add drop down list differs from how it appears everywhere else. It's also configured with a different property. 1) Subject page heading, search results, and group member list: `screenSubjectIcon2.screenHtmlEl.0 screenLabel2.screenEl.0` This corresponds to the diagnostics value for "Short link with icon" 2) Subject breadcrumbs: `screenLabel2.screenEl.0` (basically #1 without the icon) This corresponds to the diagnostics value for "Short link with icon" 3) The drop down names during the Member Add autocomplete field: screenSubjectIcon2.screenHtmlEl.0 subjectImgLong.screenEl.0 This corresponds to the diagnostics value for "Long label with icon", even though right after it reads "This is not used in the new UI" 4) The Member Add autocomplete after choosing a value: subjectImgLong.screenEl.0 (basically #3 without the icon)
The descriptions for the diagnostics values under "SUBJECT IN UI" should be adjusted to be more accurate. Suggested:
Short link with icon: ...
|
[GRP-4696] Loader jobs summary page shows count -1 if there are any subject problems Created: 12/Apr/23 Updated: 12/Apr/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The daemon log for a loader job shows this:
But the loader job page shows this for the same job:
The loader page should reflect the same status and counts as the actual loader log. |
[GRP-4609] allow resize of left navigation panel Created: 02/Mar/23 Updated: 02/Mar/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Ben E Rappleyea | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
2.6.9 |
Description |
We have received requests from our customers to make the left hand navigational panel resizable so that they are not having to scroll back and forth constantly or search for the group instead. |
[GRP-4595] attribute on a group to control UI default filter on direct/indirect display Created: 09/Feb/23 Updated: 09/Feb/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.6.19.3 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Michael Gettes (ufl.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
from discussion in slack channel Add an attribute to a group to cause the UI to display the group with a filter of direct memberships or indirect by default. The absence of the attribute is all (current behavior). There could be a system-wide default to control the default display of groups in the ui as well... but this is usually desirable for large groups for environments where the display of the large group is slow (which may in fact be a sign of a misconfigured cache and other components - but this at least allows for helping with the display of the group). |
[GRP-4590] "enter at least two characters" in groupMove always Created: 03/Feb/23 Updated: 03/Feb/23 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.1 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Jutta Biernath | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
multiple |
Description |
If you want to move a group, open the search form by clicking on "search for a folder where you are allowed to create new subfolders" and enter no matter what, you will always get the error message "enter at least two characters". We still use Version 2.4 but I've taken a look at the Grouper project at Github and it seems to me that the bug still occurs in 2.6 as well. |
[GRP-4548] SUpport file attachments in workflows Created: 22/Dec/22 Updated: 22/Dec/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0.patch |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-4547] Support start/end dates in workflow Created: 22/Dec/22 Updated: 22/Dec/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0.patch |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Is this currently supported? I didn't see it in the wiki or in the 2.6.18 source code. This would be from optional fields from workflow approval states, or from the original requestor |
[GRP-4450] Provisioner metadata is readonly unless "can change" is true Created: 01/Nov/22 Updated: 01/Nov/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.6.16 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
When a provisioner has metadata, there is no way to set the value of it unless the "Metadata xxx: can change" is set to true |
[GRP-4445] SQL subject source should show form field for maxPageSize Created: 25/Oct/22 Updated: 25/Oct/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.40, 2.6.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-4439] Subject source adapters don't limit query to default limit when max results is blank Created: 22/Oct/22 Updated: 22/Oct/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | 2.5.41, 2.6.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
In the UI for the new sql subject adapter (GrouperJdbcSourceAdapter2_5), the field for Max results size has a description "Max results size. Default value is '100'". However, if the field is left blank, there is no limit of 100, and all records are returned. This applies to substring searches in the add member search box which looks up for every character typed after a pause, when the length is 2+. With a small search string, this could potentially return a large list of results. The workaround is to always put a value in this field, even if you want the value to be 100. The `subjectApi.source.genericSource.param.maxResults.value` does have a default of 100, but that may just for display. I don't see any source init functions that set the default as a fallback. |
Comments |
Comment by Chad Redman [ 22/Oct/22 ] | ||||||||||||||||
The suggested workaround of setting maxResults causes loader jobs to fail. This was the result when maxResults was set to 50 (I reformatted the sql for readbility):
(there are 180 of those ?'s) |
[GRP-4410] Allow option to not show subject attribute friendly description for names Created: 06/Oct/22 Updated: 06/Oct/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.6.16 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Example: The subjectId is the opaque unchanging ID of the entity This is the entity attribute: preferred_email The entity attribute 'name' is the first and last name of the entity The 'description' attribute differentiates entities with the same name
This is new UI behavior for 2.6.16, and may not be desirable for all institutions |
[GRP-4394] Allow the UI list of Provisioners to be extended Created: 30/Sep/22 Updated: 30/Sep/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.6.16 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The drop down list of provisioner types that can be created is a hard coded list of specific classes in ProvisioningConfiguration.provisionerConfigClassNames that is defined as final at Grouper startup. If an institution creates a custom provisioner, the classes can be supplied in a separate jar. But there isn't a way to extend the drop down list since it is sealed. Maybe something like this in grouper-ui.properties?
The provisioners would then appear after the built-in ones, in the order enumerated in the config. |
Comments |
Comment by Jonathan Johnson (unicon.net) [ 30/Sep/22 ] |
in 2.6.16, the `Set` is indeed `final`, but it's not unmodifiable. Elsewhere, I've set up an initializer that adds to the set, but it might be nice to add a standard/supported method to the class |
[GRP-4393] relieve or increase SQL size limit for loader jobs Created: 28/Sep/22 Updated: 28/Sep/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | daemon, UI |
Affects Version/s: | 2.6.16 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Michael Gettes (ufl.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
per slack conversation: |
[GRP-4368] Creation of Local Entity Failing when not user in sysadmingroup Created: 21/Sep/22 Updated: 21/Sep/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.6.10 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Jonathan Keller (ucdavis.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | grouper_local_entity_create_stack_trace.txt |
Description |
Creation of a local entity in a folder seems to be failing due to the system attempting to assign permissions to the entity which are not allowed by the user creating the entity. The user has Admin privs on the folder (inherited) that the entity is being created in. There are no explicit permissions being assigned to these entities as far as we can tell, so we are a bit at a loss as to which permissions are triggering this error. Users in the sysadmingroup do not have this issue. I'm attaching the stack trace which is logged when this happens. The UI returns the usual message related to the Hibernate transaction being closed. |
[GRP-4063] gsh template add a "warning" output status Created: 02/Jun/22 Updated: 31/Aug/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.6.8 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
I don't know if we can make just those lines yellow, or if the whole div needs to be yellow. IIRC these statuses are magic string values. It would be good to have an enum version of these too, which would make it more "Java-like".
|
[GRP-4056] "Export configuration file" only exports DB properties without any indication Created: 26/May/22 Updated: 08/Jun/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.34, 2.6.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Under Miscellaneous->Configuration, the option under Config actions to "Export configuration file" is really only exporting properties that are defined in the database. There is no indication that is what it is doing. It isn't intuitive, since it's not exporting what the user sees on the screen, which is the overlay of the entire hierarchy. It's also not acting on any Source type filter (e.g. non-base) or string filter, and it isn't intuitive that they will be ignored.
|
Comments |
Comment by Chris Hyzer (upenn.edu) [ 08/Jun/22 ] |
maybe add more options or have descriptive error message if nothing there to export |
[GRP-4058] LDAP loader form missing option to schedule job Created: 26/May/22 Updated: 26/May/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.6.8 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2022-05-26-18-57-23-341.png image-2022-05-26-18-57-34-417.png |
Description |
SQL Loader:
LDAP Loader:
|
[GRP-3895] Add GSH as a loader job type Created: 02/Mar/22 Updated: 25/May/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, grouperLoader, UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
https://spaces.at.internet2.edu/display/Grouper/Grouper+-+Loader+GSH
A GSH job type will allow more kinds of sources in loader jobs. The script could be written to query a REST endpoint, a flat file, or a proprietary client-server interface, and then produce either a list of subjects (GSH_SIMPLE) or groups + subjects (GSH_GROUPS_LIST). The wiki proposes the subject and group resolution be done in the script rather than outputting then as strings. This is so that the script has total control, in case it needs to do more complex logic – e.g. custom display names or descriptions for groups, or dynamic source determination for subjects. Like gsh templates and reports, there will be specific variables passed into the script. GrouperSession and LoaderJobBean objects will be used like in the SQL and LDAP loader types, while a new GshLoaderJobResults object will hold the rows of the script results. for a GSH_SIMPLE job the rows will be Subjects, while for a GSH_GROUPS_LIST they will be Group + Subject tuples. It will not need a separate group query like the SQL loader does, because the script will be doing its own group creation as needed. |
Comments |
Comment by Chad Redman (unc.edu) [ 25/May/22 ] |
This will be tabled for now. There is a lot of duplicated base work, since there is no re-use of the attributes, form fields text config labels, or beans. Perhaps there will be a redesign of the loader in a future release so that there is more common infrastructure. In the meantime, creating an OTHER_JOB to run a gsh script (https://spaces.at.internet2.edu/pages/viewpage.action?pageId=166661325) should work just as well. You would just need to write your own group and membership sync. |
[GRP-4053] attributeName in dijit combo box is one gear, not 3 Created: 25/May/22 Updated: 25/May/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0, 2.5.0, 2.6.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2022-05-25-01-31-48-957.png |
Description |
When searching for an attributeName in the combo box, the icon is one gear, not 3. It used to be a folder icon, before GRP-1780 changed both attribute defs and names to the same gear icon
|
[GRP-4039] non-Root with folder VIEW and ATTR_READ can't access attributes Created: 14/May/22 Updated: 15/May/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.6.8 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | GRP-4039-stemMoreActionsButtonContents.png |
Description |
For a non-root user, with the correct READ privileges on an attributeDef, and VIEW and ATTR_READ on a folder, the user can't see the attributes on the folder because the menu item isn't an option. See screenshot |
[GRP-4008] "Include current members" status in UI Created: 26/Apr/22 Updated: 29/Apr/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.6.8 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Ben E Rappleyea | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Red Hat Openshift containers of the Internet2 image 2.6.8 |
Attachments: | Demonstrating GRP-4008.mp4 image-2022-04-26-14-22-12-898.png image-2022-04-26-14-22-37-565.png |
Description |
When configuring the loader for a group it has been our experience that if you set the config in the UI to one thing the "view loader settings" option will show the opposite of what is selected in the "edit loader configuration" option.
|
Comments |
Comment by Ben E Rappleyea [ 29/Apr/22 ] |
Adding a video that might better explain what is occurring. I have confirmed, however, that this is not occurring at the DB level and appears to only be in the UI. |
[GRP-3897] User having read/update on a group should be able to see group names that are members even without view privilege on them Created: 02/Mar/22 Updated: 03/Mar/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | 2.6.8 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2022-03-02-13-12-00-099.png |
Description |
If a user has READ + UPDATE on a group, and a group is a member of that group, but the user doesn't have READ or VIEW on that member group, they can see the members of that group indirectly, but not the group name itself. In the screenshot above, a user needs to attest the group, but can only see the indirect members, not the direct group member. They can't determine whether that group is appropriate in order to attest to it. Should it be assumed that if a user has read and update on a group, they should be able to see the names of member groups? This would probably affect the API and WS as well, not just the UI. The current behavior also affects visualization, where it shows the group having members, but doesn't include the source group that is the source of those members. |
Comments |
Comment by Chad Redman (unc.edu) [ 03/Mar/22 ] |
Since the group entry is hyperlinked, we will need to handle it somehow. Maybe not hyperlink it, possibly also add a note to the group name that it's not not readable?
|
[GRP-3823] Add advanced filter to subject's memberships, where you can filter by object type Created: 16/Feb/22 Updated: 16/Feb/22 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.6.6 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The memberships tab for a subject may include a lot of intermediate groups which are not interesting to see. In order to trim the data to the more useful rows, there should be an advanced filter where you can include or exclude one (or more?) object types. |
[GRP-3717] improve performance of property configuration in the UI Created: 09/Dec/21 Updated: 09/Dec/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.6.5 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The property management page in the UI is relatively slow to appear, approximately 20 seconds at our institution for grouper.properties to be loaded. This is so slow that it not only affects the wait time for the page to appear, but also impacts properties import. When importing properties, the import results in the green status bar are immediately displayed, and the page appears to be complete. But when you go to another page, the page may initially display, but will then be redirected later back to the property management page, which took a while to generate the summary page of all the properties. Apparently the ajax isn't cancelled so is still pending 20 seconds after going to a different page. In our configuration, the configuration pages also randomly but consistently would bring down our UI server (which was admittedly tight on memory). Doing a profile while loading the configuration page shows that it uses up 150MB of ram for temporary objects that are then released for GC once the page loads. This seems like a lot, for a page that is just loading key/value pairs.
|
[GRP-3608] Add audit entry of specific subject in group members tab Created: 13/Sep/21 Updated: 08/Dec/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.6.0 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2021-09-13-17-46-33-732.png | ||||||||||||
Issue Links: |
|
Description |
When investigating out when a particular subject was added to a group, getting the whole audit list for the group and looking through all the pages for the subject is cumbersome. (1) The audit entry table can be very large, and may perform poorly; (2) except for date, there is no filter in the audit entry view other than by date, so the user needs to scan through pages of entries to find the target.
From the membership view, getting the membership add/change/delete audit entries for a particular user in a group should be much faster than getting all the entries for the group.
Suggested:
|
[GRP-1214] Ability to export Audit report as CSV file Created: 14/Oct/15 Updated: 08/Dec/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.2 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Jeffrey Crawford | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | audit, csv, export, log | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Red Hat EL 6 |
Description |
We can download the members of a group as a CSV file, our security team would like that expanded to the audit log. It would be useful that the same filter criteria could be used so that a CSV would only contain the time frame of interest. |
[GRP-3643] Notification feed functionality to address long-running UI operations Created: 30/Sep/21 Updated: 30/Sep/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Major |
Reporter: | Jeffrey Williams (uncg.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Grouper UI, all versions. |
CC: |
Carey Black (osu.edu), Chad Redman (unc.edu), Erik Coleman (illinois.edu), Justin Robinson (iu.edu), Liam Hoekenga (umich.edu)
|
Description |
Currently, long-running operations will result in an error message "×There was an error with your request. Click here to start over." No error has occurred outside of the UI timeouts. However, the user isn't notified that their operation is still processing, only when it completes.
A functional improvement to the UI would be a notification <div>, accessible from an icon in the upper right of the UI (similar to notification feeds in certain social platforms and admin consoles) from any page. The feed would contain the user's recent activity(similar to that on the user's main page). The feed would be modified to add an entry when when an operation taking longer than a configurable amount begins, then another when an operation ends. |
[GRP-2130] UI timeout page that the user is redirect to instead of leaving them "wherever" they are to have a fail on "first click" Created: 08/May/19 Updated: 30/Sep/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0, 2.4.48, 2.5.57 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 4 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
My users (and I ) are often frustrated by the "CSRF warning" only to click a link and SSO back into the app. It would be a much better experience if the user would come back to a "your session has expired" page and know that the first click leads to a login process instead of being surprised by the process.
I have seen "security centric" apps that have UI timeouts built in. When the timeout expires ( due to lack of use ) the browser auto redirect the user to a page that tells them their session has timed out and gives them a link to log back in. (and start a new session.)
I think it would be a good feature for Grouper UI to implement. |
[GRP-3641] Visualization: If sibling count greater than set limit, display a node indicating truncation Created: 29/Sep/21 Updated: 29/Sep/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.6.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2021-09-28-23-39-07-539.png |
Description |
Credit to Karl Amrhein for this suggestion. If a group has a large number of groups as members, it's desirable to limit the number of siblings shown to make the drawing smaller. But there is no indication in the graph whether siblings are being truncated. So maybe add a pseudo-node indicating more groups exist? See one possibility below.
|
[GRP-3638] Shore up "masking" of secrets in Configuration view Created: 24/Sep/21 Updated: 24/Sep/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Scott Cantor (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The PSPNG provisioner I guess depends on an LDAP property that ends in bindCredential instead of password, and the Configuration view in the UI of the loader properties doesn't mask it the way it does other property names it thinks are secrets. Seems like an obvious/simple fix. I'm aware that it would be masked if it were stored in the database directly, but that's not always the goal. |
[GRP-3612] GSH templates support input type of 'find a Subject' and 'find list of Subjects' types Created: 15/Sep/21 Updated: 15/Sep/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | GSH Templates, UI |
Affects Version/s: | 2.5.56 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
It would be helpful to reuse the existing 'add Member' UI structure and logic to allow a user to select a subject ( or a list of subjects) as an input to a GSH template. Ideally the GSH template config could also add some limits/scopes to the searches too:
|
[GRP-2430] add audit in membership drop down for memberships Created: 19/Nov/19 Updated: 13/Sep/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Issue Links: |
|
[GRP-1845] Group "View audit log" should allow a user to filter by more values than time Created: 25/Jul/18 Updated: 13/Sep/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
2.3 |
Issue Links: |
|
Description |
Only being able to filter by dates is rather limiting. Please also allow the UI user to filter by the following: Actor ( grouper user/process that made the change ) Member ( Member was affected by the change ) Type of change ( add , delete[AKA: remove] , Exported, ... other actions??) |
[GRP-3596] UI attributeName owners filtering should support filtering on the values that are assigned. Created: 09/Sep/21 Updated: 09/Sep/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.54 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The filtering on the Attribute Name "view assigned owners" appears to only filter on the object names where the attribute Name is assigned. It would be very helpful to also be able to "find" by assigned Value matching too. |
[GRP-3594] UI filter features should not clear as frequently as they do Created: 08/Sep/21 Updated: 08/Sep/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.6.0, 2.5.56 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Example ( but not the only one) is the UI for attribute assignments for an AttributeName. If you set a filter to get a sub set of the assignments. Either the refresh should be "optional", or the filter should be maintained and reused during the refresh. I can see value in not doing the refresh constantly for the user. (UI performance to fetch almost the same list back each time.) But that likely would require other UI dynamic actions for things like "remove" a row too. |
[GRP-3559] Refactor UI templates to not depend on the UI Created: 04/Aug/21 Updated: 07/Sep/21 |
|
Status: | Resolved |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0.patch, 2.5.0 |
Fix Version/s: | 2.5.56 |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Issue Links: |
|
Description |
The classes for the UI templates – both the original app/gdg/policy and the new gsh ones – were written to only be usable from the UI. This means that they can't be called from GSH or from WS, without creating mock HTTPRequest and HTTPSession containers. It also makes it harder to write unit tests. The classes have been added to the edu.internet2.middleware.grouper.grouperUi.beans.ui package, even though they are not beans. This makes it harder to identify which classes are related to the template functionality, since they are mixed in with container bean classes that were originally meant to be for jsp templates.
See also GRP-3041 Make the Template Feature available in the WS API |
Comments |
Comment by Chad Redman (unc.edu) [ 04/Sep/21 ] | |
The application template is fine. But the policy template (GrouperTemplatePolicyGroupLogic) has references to GuiResponseJs, so that it can inject error messages. If these were changed to just throwing exceptions, it would be usable outside of the UI. | |
Comment by Chad Redman (unc.edu) [ 04/Sep/21 ] | |
Removed the dependence on GuiResponseJs. Unfortunately, there is still a dependence on GrouperRequestContainer via GrouperTextContainer. This is in property keys like "policyGroupAllowDescription", which are EL expression that reference GrouperRequestContainer:
The only variables available to EL expressions used by GrouperTextContainer are grouperRequestContainer, servlet request, and textContainer itself. Variable grouperRequestContainer is null outside of the UI, so this returns a NPE from gsh. I don't see a way to inject stemTemplateContainer as a variable which is all it needs and doesn't require a http context. Is there any way to do text properties with EL that can avoid grouperRequestContainer while still supporting internationalization? | |
Comment by Chad Redman (unc.edu) [ 04/Sep/21 ] | |
An odd workaround for the ${grouperRequestContainer.stemTemplateContainer....} issue was to add a new variable `stemTemplateContainer` to the EL map. For some reason, EL evaluates ${grouperRequestContainer.stemTemplateContainer} to stemTemplateContainer if grouperRequestContainer is null. |
[GRP-2441] tree display performance with permissions turned on Created: 22/Nov/19 Updated: 26/Aug/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0, 2.5.54 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
I prefer explicit permission models instead of implied.
Example: If there was a "folder view permission" then groups could be given access to see a folder. ( or "the magic All subjects thing" could be used too.)
To achieve the current implied folder visibility design: ( or turn it off at the root or at some level down the tree, if you don't ): A rule (on the root folder) on folder create:
That way as folders are created and people are allowed to see a N level deep folder, they will automatically be able to see all the N-1 level deep folders above it back to the root.
Another rule could:
In this model a user might have access to something in a N level deep folder that they can not see the whole path too in the UI folder tree. ( Which is fine with me. ) They should be able to search and find, bookmark, find via services those things too. I would expect the tree to "add parent folder(s) back up to the root" when a user "jumps" to an object from a search. ( Picture long chain of "closed" folders back to the root with only the children object(s) of the last folder being added to the tree. ) If a user selects a "higher level folder" that they don't have explicit access to, then they see nothing and nothing changes in the tree. ( no error, no message, must a "folder with a child folder". All I am really talking about is making the permissions that drive the tree structure in the UI local to each folder so that a "search of a single folder's child folders/objects" is all that is ever needed for the "open" tree folder. When a folder is selected in the tree then becomes an "open folder" and then it's child objects are added to the tree and closed child folders are added to the tree as well.
It's a fairly big ask, but it makes the UI more "permission driven" and avoids "loading the whole tree" (at any time) to do it.
And maybe other indexing approach could be done to "fix performance" too. However, this approach adds a feature that would allow users to have a simplified folder UI structure as well. (And that could be achieved other ways too. I like using ACL's to provide the most flexibility to the deployer. ) |
[GRP-3568] Subject diagnostics search fields remove default values "someSubjectId" etc. Created: 16/Aug/21 Updated: 16/Aug/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0.patch, 2.5.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2021-08-15-23-48-55-801.png |
Description |
The subject diagnostics search fields all pre-fill the subject search fields:
These values are unlikely to find anyone, so the user has to go to the fields and overwrite them or delete the values, otherwise they will have errors. Why default values? If they need hints, we can add placeholder properties to the input fields (see mockup screenshot).
|
[GRP-3567] Log INFO->DEBUG or remove: SessionInitialiser "resources/grouper/ui-permissions.xml not found. Default permissions apply." Created: 12/Aug/21 Updated: 12/Aug/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
If log4j is set to default to INFO level, the majority of the UI logs are:
The ui-permissions.xml message this refers to is not included by default, is not mentioned in the wiki, and the format is only explained in javadoc. If anyone used it, it was only activated for the GroupMembershipMenuFilter in either the admin or lite ui. So it's highly unlikely to exist, which means it shouldn't warrant being at INFO level. Personally I vote to delete it. |
[GRP-3556] GSH Templates should skip the show/hide checks/logic if the template has no 'Jexl for showEl' on any inputs. Created: 30/Jul/21 Updated: 30/Jul/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Setting values on a GSH template can be slow. It appears to be due to a round trip to the server to validate the hide/show state for the inputs. This enhancement would avoid that processing when it will not be used for any of the Template inputs. |
[GRP-3512] Unresolvable Subject UI paging not working Created: 28/Jun/21 Updated: 15/Jul/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.50 |
Fix Version/s: | None |
Type: | Bug | Priority: | Major |
Reporter: | Erik Coleman (illinois.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
When choosing to view unresolvable subjects and there are multiple pages to display, the pagination links "First|Prev|Next|Last" do not work, and you cannot select a different page size. As a result, I can only view the first 50 unresolvable subjects. |
Comments |
Comment by Erik Coleman (illinois.edu) [ 15/Jul/21 ] |
This appears to be a condition that only happens under a certain sequence of events, which I haven't reproduced yet. Paging works, then quits. |
[GRP-3504] Provisioning entity attribute gives error about missing group DN Created: 22/Jun/21 Updated: 22/Jun/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.52 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | grouper-loader.properties |
Description |
GTE (Grouper training environment) module 201.4 is provisioning an eduPersonEntitlement calculated based on group name. It needs the group to calculate the entitlement value, but is not provisioning the group itself. Validation of the provisioner gives 2 errors: |
[GRP-3499] add option to delete from "unresolvable subjects" lookup screen Created: 10/Jun/21 Updated: 10/Jun/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Liam Hoekenga (umich.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | usdu2.png |
Description |
Consider adding the option to delete an unresolvable subject from the "unresolvable subject search" interface.
|
[GRP-3410] other input’s available for replacement in the SQL string Created: 23/Apr/21 Updated: 28/Apr/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI, WS |
Affects Version/s: | 2.4.48 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Are any other input’s available for replacement in the SQL string? It would be interesting/useful to be able to show the use a list of “objects in the folder” ( object type could be driven by the structure/hard coded in the SQL or maybe by a previous input the user selected. ) A list of groups that start with user supplied string “good”( gsh_input_group_prefix ) SQL of next input could be something like: Exact SQL var syntax open to the whims of the project. |
Comments |
Comment by Erik Coleman (illinois.edu) [ 28/Apr/21 ] |
This would be useful if applicable to both SQL Loader jobs, as well as the SQL Table Sync! |
[GRP-3411] GSH templates ( UI ) should support an input type of "Subject picker" Created: 23/Apr/21 Updated: 23/Apr/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.48 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
It would be useful to be able to find subjects in user process of completing a GSH template. Reusing the existing search features of the UI for "Add Members" "Member name or ID:" searches would be good. Using the "search for an entity" UI might be better. |
[GRP-2827] members tab from group screen doesnt work when editing reports Created: 26/May/20 Updated: 21/Apr/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-2903] Misc --> "All daemon jobs" filter option: List/sort jobs by "current/next run time" Created: 28/Jul/20 Updated: 08/Apr/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
It would be useful to be able to see/find gaps in when jobs run. This can be helpful to: find "windows of time" to shutdown the daemon without interrupting jobs. And to verify the order that the jobs will be running. ( A human might notice a missing job in the list/sequence, or see "conflicts" between jobs too. )
If there was an option to only show "running jobs" and the next 5 jobs that will "start next" would also be a useful way to think/work with this idea too. |
Comments |
Comment by Carey Black (osu.edu) [ 08/Apr/21 ] |
to only show "running jobs" <-- would be helpful to diagnose conditions like a loader process that dumped a lot of events on the system and other processes are chewing through the backlog of events.... |
[GRP-3333] update LDAP setting descriptions in the "external systems" UI Created: 31/Mar/21 Updated: 31/Mar/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.47 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Liam Hoekenga (umich.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The description for each of Batch Size, Count Limit, Time Limit, and Timeout is.. "optional (note, time limit is for search operations, timeout is for connection timeouts), most of these default to ldaptive defaults. times are in millis"
I think it would be more helpful to describe what each of those limits are for (and house batch size / count limit are different than "paged result size") |
[GRP-3322] Cannot remove jobs from daemon jobs screen Created: 29/Mar/21 Updated: 29/Mar/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.46 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Liam Hoekenga (umich.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Jobs removed via the daemon jobs UI don't stay removed. They reappear. |
[GRP-1575] Attestation view/approve inaccessible for non-wheel users Created: 10/Jul/17 Updated: 10/Mar/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0.patch |
Fix Version/s: | None |
Type: | Bug | Priority: | Major |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
From: Redman, Chad We just had our first user get an attestation recertification email, and when they tried to certify, they reported back an error: "etc:attribute:attestation:attestation attribute doesn't exist". The user actually wasn't an admin for the group, but got the email because the address was explicitly set in the Email addresses field. However, in my testing using a non-wheel account, being an admin for the group is not enough. When I gave my non-wheel user admin privileges, I could reproduce the same error. The only way I could get attestation to work was to grant the user read/update on etc:attribute:attestation:attestationDef and etc:attribute:attestation:attestationValueDef. But this is not desirable, as it now allows the user to edit attestation for any group. Am I looking at this the wrong way? Thanks! |
Comments |
Comment by cer28 [ 02/Aug/17 ] |
The users were waiting on a fix for this, so I debugged the source code to figure out exactly what was needed for a regular user to view the attestation or mark it as Reviewed. To view the attestation page: 1) User needs to have Read on etc:attribute:attestation:attestationDef Note that the button to mark it as reviewed shows up for these users, even though they don't have the update privilege that would make it work. They just get a user-unfriendly message about no access to the attribute definition. Checking for the correct permissions before showing the button would be helpful here. To be able to mark the group as Reviewed: 1) User needs to have Read and Update on etc:attribute:attestation:attestationDef To simplify configuration slightly, we created a Readers group and an Updaters group, instead of granting individual permissions to the attribute definitions in etc:attribute. Any users who would be doing any kind of attestation work would be put into one of these groups. It's possible that it's safe to make access to the attribute definitions public, as you can only read or edit groups where you have attribute read/update anyway. We were just playing it safe there for now. |
Comment by Carey Black (osu.edu) [ 10/Mar/21 ] |
The details appear to be different in 2.5.39. Without UPDATE privileges the user can view the attestation information, but not mark the group as attested. Maybe this could be closed?
Might also be related:
|
[GRP-3213] During a bulk import ( from the UI/WS ) to group(s) that are loaded by a loader job the loader job should "wait/skip the group" until the import is complete. Created: 04/Mar/21 Updated: 04/Mar/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, daemon, UI |
Affects Version/s: | 2.5.39 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
If a user is manually updating a group that is normally loaded via a loader with the "Import function" the loader job should "avoid conflicting" with the change the human/WS is making. I found this while trying to manually correct a group that the loader was not updating due to failsafe limits. I exported the correct current list and imported a file with "Replace existing members?" selected. However during the process the loader job also started "correcting the group" too. So some of my changes became errors in the UI. It would be good to avoid the user confusion and to generally allow the "Human to win". |
[GRP-3209] make the list of breadcrumb right clickable in the UI to the parts of the folder structure they are for. Created: 03/Mar/21 Updated: 03/Mar/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.43 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
When you view a group or a stem in the UI the breadcrum links only work if you "left click" on them. Please support right click and "open in a new tab". NOTE: This could be generalized to a request for all "links" too. |
[GRP-3176] Help link page text out of date with UI Created: 26/Feb/21 Updated: 26/Feb/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | David Malia | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | helplink.png outdated wording.png |
Description |
So I'm finally getting around to upgrading from grouper 2.3, and noticed this in grouper 2.4, and see it still exists in grouper 2.5 looking at the grouperdemo site.
The help link is useful, but it looks like the text is left over from the old Admin UI, and could confuse new users of Grouper. Example: Grouper end-to-end secenarios
That doesn't exist in the current GUI. "Explore" doesn't exist in the current GUI. "Group workspace" doesn't exist in the current GUI., "Entity workspace" doesn't exist either. I'm sure someone proof reading it, can find some other inconsistencies. Could it be added to the todo list to update the text to match the current GUI?
|
[GRP-3135] Better error message for users not allowed to login to Grouper UI Created: 11/Feb/21 Updated: 11/Feb/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Olivier Salaün | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Grouper 2.4 |
Description |
We configured Grouper-UI to borbid access to the GUI unless user is member of a "uiAllow" group:
However when a user tries to login, though he's not listed in the uaAllow group he gets a very generic error message:
Wouldn't it make sense to have a better error message in this case? |
[GRP-3098] Ability to limit provisioning to specific targets by group for UI Created: 22/Jan/21 Updated: 08/Feb/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Erik Coleman (illinois.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
We have apps that are multi-campus, and many that are not. We would like to prevent some apps from setting up a provisioning target to the "wrong" campus. For example, if I have an LDAP target called "Urbana", I would like to only allow the ability to provision to that target from a special group of admins. Multi-campus app admins might have access to multiple targets and that's OK. I sort of do that now by only permitting a group to have access to the "etc:pspng:provision_to" attribute, however I cannot limit the values that are input so it's "all or nothing". I'm hoping the new provisioning framework could provide a level of access control, not only to provision at all, but to only allow certain targets. |
[GRP-3124] Ability to limit provisioning to specific targets by group for WS Created: 08/Feb/21 Updated: 08/Feb/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Erik Coleman (illinois.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
We have apps that are multi-campus, and many that are not. We would like to prevent some apps from setting up a provisioning target to the "wrong" campus. For example, if I have an LDAP target called "Urbana", I would like to only allow the ability to provision to that target from a special group of admins. Multi-campus app admins might have access to multiple targets and that's OK. I sort of do that now by only permitting a group to have access to the "etc:pspng:provision_to" attribute, however I cannot limit the values that are input so it's "all or nothing". I'm hoping the new provisioning framework could provide a level of access control, not only to provision at all, but to only allow certain targets. |
[GRP-1747] Group 2.3 Function (UI button) --> View Audit Log SQL timeout Created: 27/Apr/18 Updated: 05/Feb/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 3 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Chris,
I can inform you that for my search dropping the audit type id produced one more row being returned. "Added attribute assignment"
So as long as the UI can display a row like that. ( or the other audit type id values) then I think that is a good solution. Seeing when attributes are assigned (and which was assigned) would seem like a good thing to see too. – Carey Matthew Black.123@osu.edu
(EDIT: I forgot to explicitly say: * The query performed well. ( < 1 second ) * )
---- From: Hyzer, Chris <mchyzer@isc.upenn.edu> Sent: Friday, April 20, 2018 4:27 PM To: Black, Carey M. <black.123@osu.edu>; Subject: RE: Group 2.3 Function (UI button) --> View Audit Log SQL timeout
Add a jira please, when searching for uuids we don't need use audit_type_id at all, unless someone wants to debate that with me This will be a quick fix...
Can you see if the query is fast without audit type id?
WHERE ( this_.string04 = '3574b587e41b46f19c2787ade9ab09ca' OR this_.string02 = '3574b587e41b46f19c2787ade9ab09ca' OR this_.string01 = '3574b587e41b46f19c2787ade9ab09ca' OR this_.string06 = '3574b587e41b46f19c2787ade9ab09ca' OR this_.string03 = '3574b587e41b46f19c2787ade9ab09ca')
Thanks! Chris
---- From: Black, Carey M. Sent: Friday, April 20, 2018 4:01 PM Subject: [grouper-core] Group 2.3 Function (UI button) --> View Audit Log SQL timeout
I think this is a bug / enchantment request. So let me describe what I see and what I think I know....
Env: Grouper 2.3 on MariaDb ( Version: '10.2.14-MariaDB-log') Special note: " There is one other thing that might be of interest - it has a custom setting of optimizer_search_depth=0" REF: https://mariadb.com/resources/blog/setting-optimizer-search-depth-mysql However I don't think that setting is causing the issue. grouper_audit_entry ( table) has 48 M rows right now. ( not even a full years' worth of an audit.)
When I use the UI, view a group and use the Function (UI button) --> View Audit Log The UI "hangs"... and eventually "times out".
I dropped down to the DB and watched the "process list" and was able to capture the SQL that was running. When I run that SQL "by hand" ... it takes... forever... ( I have not actually waited long enough for it to finish... But I have waited for an hour...)
However, I spoke with a more knowledgeable "not a DBA" person about the query and they suggested something interesting to try... and the query dropped to less than a second to finish!
Grouper generated SQL (formatted for readability instead of a single very long line...) " SELECT this_.id AS id1_10_0_, this_.hibernate_version_number AS hibernat2_10_0_, this_.act_as_member_id AS act_as_m3_10_0_, this_.audit_type_id AS audit_ty4_10_0_, this_.context_id AS context_5_10_0_, this_.created_on AS created_6_10_0_, this_.description AS descript7_10_0_, this_.env_name AS env_name8_10_0_, this_.grouper_engine AS grouper_9_10_0_, this_.grouper_version AS grouper10_10_0_, this_.int01 AS int11_10_0_, this_.int02 AS int12_10_0_, this_.int03 AS int13_10_0_, this_.int04 AS int14_10_0_, this_.int05 AS int15_10_0_, this_.last_updated AS last_up16_10_0_, this_.logged_in_member_id AS logged_17_10_0_, this_.server_host AS server_18_10_0_, this_.string01 AS string19_10_0_, this_.string02 AS string20_10_0_, this_.string03 AS string21_10_0_, this_.string04 AS string22_10_0_, this_.string05 AS string23_10_0_, this_.string06 AS string24_10_0_, this_.string07 AS string25_10_0_, this_.string08 AS string26_10_0_, this_.duration_microseconds AS duratio27_10_0_, this_.query_count AS query_c28_10_0_, this_.user_ip_address AS user_ip29_10_0_, this_.server_user_name AS server_30_10_0_ FROM grouper_audit_entry this_ WHERE ( ( this_.audit_type_id = 'b51cc1fa35e74e9c91042c2b77951695' AND this_.string04 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = '43c9e640be604bfcbe3501a094329381' AND this_.string02 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'd743e9e2cf484f909707f45e692a7143' AND this_.string02 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'c84718a7d6ed486a8ec729119a414e48' AND this_.string01 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = '6850d73f0cdc4b769e738df4321c1c7c' AND this_.string04 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = '7d1806d5d17f46ecb222901ad6f2bcde' AND this_.string02 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'c9d6606c5cc34e93aca63c7673bf3db7' AND this_.string04 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'b68b2c7742a34acebc5216b29605da56' AND this_.string04 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = '78d1dc004f624e1cb2e3b000d55fb739' AND this_.string04 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'c5ed9cd3208a487187c22e788c5d252f' AND this_.string01 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = '78d1dc004f624e1cb2e3b000d55fb739' AND this_.string06 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'b51cc1fa35e74e9c91042c2b77951695' AND this_.string02 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = '43c9e640be604bfcbe3501a094329381' AND this_.string04 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = '6850d73f0cdc4b769e738df4321c1c7c' AND this_.string06 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'c6169fb1308547a6b23bd8f83429e934' AND this_.string01 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'b68b2c7742a34acebc5216b29605da56' AND this_.string06 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'c9d6606c5cc34e93aca63c7673bf3db7' AND this_.string06 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = '7c90939f260a4c4ba13b521ac456f3cb' AND this_.string01 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = '7d1806d5d17f46ecb222901ad6f2bcde' AND this_.string06 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'cf7260265907443bbdb02314d9ce2ffc' AND this_.string02 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'c5ed9cd3208a487187c22e788c5d252f' AND this_.string03 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = '4432fe9a76b74d818595e60c7d17a3b8' AND this_.string01 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'cd273399dd9944e09d132b5bb3f9e0e9' AND this_.string02 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'b3812b8c15b5421db52cfd4af1ee5817' AND this_.string04 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'f487688c07ee40f7beee911d51ead17c' AND this_.string01 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'b68b2c7742a34acebc5216b29605da56' AND this_.string02 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'cf7260265907443bbdb02314d9ce2ffc' AND this_.string04 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'f33ae045bd284dbc9a7e965dba1dccf5' AND this_.string01 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'b3812b8c15b5421db52cfd4af1ee5817' AND this_.string06 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = '6f5a24dee4c34f8e8b4a77dddf814f0c' AND this_.string02 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'c9d6606c5cc34e93aca63c7673bf3db7' AND this_.string02 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'a0ec507ee6f14cf587e3a513c4217c43' AND this_.string02 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = 'bbec1c063df04e949fbffbd1fc5f2f39' AND this_.string02 = '3574b587e41b46f19c2787ade9ab09ca' ) OR ( this_.audit_type_id = '7d1806d5d17f46ecb222901ad6f2bcde' AND this_.string04 = '3574b587e41b46f19c2787ade9ab09ca' ) ) ORDER BY this_.last_updated DESC LIMIT 50 "
However, if that where clause is rearranged to ( our improved version ) : " WHERE ( this_.string04 = '3574b587e41b46f19c2787ade9ab09ca' OR this_.string02 = '3574b587e41b46f19c2787ade9ab09ca' OR this_.string01 = '3574b587e41b46f19c2787ade9ab09ca' OR this_.string06 = '3574b587e41b46f19c2787ade9ab09ca' OR this_.string03 = '3574b587e41b46f19c2787ade9ab09ca') AND ( ( this_.audit_type_id = 'b51cc1fa35e74e9c91042c2b77951695' ) OR ( this_.audit_type_id = '43c9e640be604bfcbe3501a094329381' ) OR ( this_.audit_type_id = 'd743e9e2cf484f909707f45e692a7143' ) OR ( this_.audit_type_id = 'c84718a7d6ed486a8ec729119a414e48' ) OR ( this_.audit_type_id = '6850d73f0cdc4b769e738df4321c1c7c' ) OR ( this_.audit_type_id = '7d1806d5d17f46ecb222901ad6f2bcde' ) OR ( this_.audit_type_id = 'c9d6606c5cc34e93aca63c7673bf3db7' ) OR ( this_.audit_type_id = 'b68b2c7742a34acebc5216b29605da56' ) OR ( this_.audit_type_id = '78d1dc004f624e1cb2e3b000d55fb739' ) OR ( this_.audit_type_id = 'c5ed9cd3208a487187c22e788c5d252f' ) OR ( this_.audit_type_id = '78d1dc004f624e1cb2e3b000d55fb739' ) OR ( this_.audit_type_id = 'b51cc1fa35e74e9c91042c2b77951695' ) OR ( this_.audit_type_id = '43c9e640be604bfcbe3501a094329381' ) OR ( this_.audit_type_id = '6850d73f0cdc4b769e738df4321c1c7c' ) OR ( this_.audit_type_id = 'c6169fb1308547a6b23bd8f83429e934' ) OR ( this_.audit_type_id = 'b68b2c7742a34acebc5216b29605da56' ) OR ( this_.audit_type_id = 'c9d6606c5cc34e93aca63c7673bf3db7' ) OR ( this_.audit_type_id = '7c90939f260a4c4ba13b521ac456f3cb' ) OR ( this_.audit_type_id = '7d1806d5d17f46ecb222901ad6f2bcde' ) OR ( this_.audit_type_id = 'cf7260265907443bbdb02314d9ce2ffc' ) OR ( this_.audit_type_id = 'c5ed9cd3208a487187c22e788c5d252f' ) OR ( this_.audit_type_id = '4432fe9a76b74d818595e60c7d17a3b8' ) OR ( this_.audit_type_id = 'cd273399dd9944e09d132b5bb3f9e0e9' ) OR ( this_.audit_type_id = 'b3812b8c15b5421db52cfd4af1ee5817' ) OR ( this_.audit_type_id = 'f487688c07ee40f7beee911d51ead17c' ) OR ( this_.audit_type_id = 'b68b2c7742a34acebc5216b29605da56' ) OR ( this_.audit_type_id = 'cf7260265907443bbdb02314d9ce2ffc' ) OR ( this_.audit_type_id = 'f33ae045bd284dbc9a7e965dba1dccf5' ) OR ( this_.audit_type_id = 'b3812b8c15b5421db52cfd4af1ee5817' ) OR ( this_.audit_type_id = '6f5a24dee4c34f8e8b4a77dddf814f0c' ) OR ( this_.audit_type_id = 'c9d6606c5cc34e93aca63c7673bf3db7' ) OR ( this_.audit_type_id = 'a0ec507ee6f14cf587e3a513c4217c43' ) OR ( this_.audit_type_id = 'bbec1c063df04e949fbffbd1fc5f2f39' ) OR ( this_.audit_type_id = '7d1806d5d17f46ecb222901ad6f2bcde' ) ) " NOTE: The " this_.audit_type_id " part does have some dups in it. So it could be even shorter... NOTE: I understand that the select is not strictly "identical". ( technically) However, the audit_type_id value appears to be a foreign key from grouper_audit_type. I think the general idea of the select is to show all of the audit_type_id (values of interest) for the (in this case) "Group ID" that gets stuffed into the various String* columns. ( Why the groupID ends up in various columns... I don't know.. but I will assume there is a good reason for that .... variety.)
With this where clause the query returned in less than 100 ms !
So I am not sure where that query is constructed, or how to start to track it down... but I think it should be "reordered" so that it can work at scale. – Carey Matthew Black.123@osu.edu
|
Comments |
Comment by Carey Black (osu.edu) [ 05/Feb/21 ] |
This continues to be an issue.
I was able to capture a "long running search" again and found that it took over 4 minutes to complete. ( Clearly not acceptable for any user. Nor the UI/browser timeout limits.) I did a bit more playing with the SQL and I have verified these three things about the SQL that is being issued. 1) The current form is awful for performance. (now in container v2.5.39 using MariaDb ) where this_.audit_type_id in ('e4777eaa26b7409faa7952cdc7aad732','7373ed10d2ac4e28b6cb381fff852b9e','2fe264e912374e45b95f8467df272e8a','bb256be86bc345ec8cda51edd775b8ba','6850d73f0cdc4b769e738df4321c1c7c','e55e2e4502c94d34b3ec92ded0527d03','cd7e6bbd0ca64098826555740fb88312','43c9e640be604bfcbe3501a094329381','8f016b70706b4966b82d981fdd6d6c02','b51cc1fa35e74e9c91042c2b77951695','78d1dc004f624e1cb2e3b000d55fb739','b3812b8c15b5421db52cfd4af1ee5817','cf7260265907443bbdb02314d9ce2ffc','98b9e51894644776bd06a0796754666c') AND ( this_.string02='c142418a606547baa9b2e3250c3f0131' or this_.string01='c142418a606547baa9b2e3250c3f0131' or this_.string04='c142418a606547baa9b2e3250c3f0131' ) order by this_.last_updated desc limit 50 I don't know about the current version of Hibernate in the project, however, it looks like some version do support list of values being searched using the IN operator. |
[GRP-3116] UI function to union/complement an id list with a group, without needing to create a temp group Created: 03/Feb/21 Updated: 03/Feb/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.0 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
To answer a policy question of which users from a list are in a group, the ways right now are (a) database query, (b) gsh script, or (c) create a temp group. Creating a temp group is the one way that normal users can use, but requires them to be able to create a group. Also, even for admins is extra steps to create a group to do the action, then delete it 10 seconds later.
|
Comments |
Comment by Chad Redman (unc.edu) [ 03/Feb/21 ] |
(d) export the group list, then compare in Excel. Normal users could do this one even if they can't create a group. |
Comment by Chris Hyzer (upenn.edu) [ 03/Feb/21 ] |
This already exists. There is an advanced membership query option where you setup the composites and who can use them. Let me know if you can’t find the docs for that |
Comment by Chris Hyzer (upenn.edu) [ 03/Feb/21 ] |
Should we put a link here and resolve this or is there something different needed? |
[GRP-3095] UI sorting of LDAP subject search results from a "free form" search Created: 21/Jan/21 Updated: 21/Jan/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.39 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Tim Darby | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Grouper 2.5.39 |
Description |
University of Arizona's subject source is LDAP. When adding a member to a group in the UI, the "search on an entity" feature returns a list of CNs for people that don't appear to be in any particular sort order. looking at the various properties in subject.properties and grouper-ui.properties, I don't see a way to specify a particular LDAP attribute that can be used for sorting this results of this search. We use this for the free form search in subject.properties: |
[GRP-3091] Support unlimited count of favorites Created: 13/Jan/21 Updated: 13/Jan/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.39 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
REF: Grouper UI favorites and preferences user data. |
[GRP-3089] Advanced Membership UI: Ability to create a group based on the filtered result set. Created: 12/Jan/21 Updated: 12/Jan/21 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.39 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The new filtering is very valuable/helpful. And it would be even more helpful if the results could be "saved as a new group". ( or maybe "exported as a list of identifiers" ?) A rough idea of how the UI might work: Add a feature to: |
Comments |
Comment by Carey Black (osu.edu) [ 12/Jan/21 ] |
Bonus idea: |
[GRP-3078] If external system test has multiple errors, UI only shows latest one Created: 31/Dec/20 Updated: 31/Dec/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.39 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
I am guessing that GuiScreenAction.newMessage() doesn't stack?
edu/internet2/middleware/grouper/grouperUi/serviceLogic/UiV2ExternalSystem.java:525
|
[GRP-3054] Show progress on large reference group additions Created: 15/Dec/20 Updated: 15/Dec/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.36, 2.5.37, 2.5.39 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Liam Hoekenga (umich.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
When deletions take a long time, the UI will display a message... The delete operation is still being processed... We've noticed when adding large reference groups to composite groups via the UI, the browser will spin for exactly 3 minutes, and then return to the UI having made no obvious changes. If you wait an "appropriate" amount of time and then check the UI, the change will have been made. Please consider adding a message similar to the deletion message. As it is now, the user doesn't know that their change wasn't just eaten and may try it repeatedly. |
[GRP-3042] Group Membership delta with or restore from Point in Time data..... Created: 02/Dec/20 Updated: 02/Dec/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.37 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
It would be amazing to be able to: A) find and report on deltas (adds and removes) for group memberships with a previous Point in time for the group. ( What happened since....) B) full reset the membership to match a previous Point in time set. ( time machine ) C) Add missing from a previous Point in time set to the current set. ( restore lost souls without removing adds since the Point in time ) D) remove added since a previous Point in time set from the current set. ( remove erroneous adds without undoing removes since the Point in time ) Maybe a delta UI ( table ) could be created ordered by time with columns/buttons to auto select all "adds" or "removes". With two buttons to "undo" (adds) and/or "restore" (removes) based on the selected rows from the table. |
[GRP-3011] The “Search results” panel seems to not keep the 'Filter for' value and produces confusing results for the user. Created: 06/Nov/20 Updated: 01/Dec/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Search for anything in the upper right hand corner. Say the string “foo”. Actually I think the 'Filter for' value is being “reset” to “Everything” after every search. So set it to “Folders” click search. |
Comments |
Comment by Chad Redman (unc.edu) [ 01/Dec/20 ] |
Never mind, I had a typo in my search which explains lack of results
|
[GRP-3025] Visualization show recent memberships relations Created: 18/Nov/20 Updated: 18/Nov/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Show the relationship between a recent membership group and the group it pulls from. Maybe different arrows for whether it includes current members? |
[GRP-2998] Daemon job page get job links working in new tab Created: 22/Oct/20 Updated: 22/Oct/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.36 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The daemon jobs page has a list of jobs, but to see the logs for a job you need to click on the link. The links only work when you click them directly. If you right click and open in a new tab, it's just another copy of the daemon jobs page. Also applies to the job options in the pull down menus. |
[GRP-2987] Visualization for Privileges Created: 14/Oct/20 Updated: 14/Oct/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
It would be helpful to be able to visualize and through the privileges that a Grouper access control policy has over other grouper objects. Displaying: It would be helpful if that "picture" could also be created as a "Report" as well. |
[GRP-2984] Allow a configuration option on a Member to alter the subject that is given "Admin" privileges on objects they create. Created: 13/Oct/20 Updated: 13/Oct/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI, WS |
Affects Version/s: | 2.5.35 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Currently: When a Subject creates an object in Grouper the system currently assigns "Admin" privileges to that subject if they do not already get "Admin" from inherited privileges to the new object.
Proposed: It would be helpful, for many use cases, if a Member ( Grouper local cache of the Subject ) could have a configuration that would request that a different Subject be used instead of themselves.
This would be effective with or without Inherited Privileges and should be used drive towards a "group" instead of a "person" being privileged to all objects.
Example cases: Subject is an "Admin" of a single application in Grouper. A WebService account (acting on behalf of a connected application/service)
All things they create should default to being owned by a group (Subject) that manages that application instead of the direct subject that created the object.
It would also be helpful if this could be a "list" of values for users who manage more than one application in Grouper. (A "default" could be identified for a Member too.) The UI could default to the default value and allow the user to select from the list of configured values before/during the create process. WS could allow the user to supply a value during create or use the configured default value.
It would also be helpful if the default value could be selected based on "location in Grouper" too. (An attribute on a parent stem could help with the selection of the correct value for a Subject. ) |
[GRP-2964] UI Config not sorting all values properly... Created: 23/Sep/20 Updated: 23/Sep/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.35 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | 2020-09-23_leftOutSome_otherJob_keys.png |
Description |
"Other jobs" section does not list all keys starting with "otherJob.". Some are left for the "Remaining config" section. |
[GRP-2953] UI for attribute assignments on attributes should "pad" in a column for "Group" to keep the values and columns alligned Created: 09/Sep/20 Updated: 09/Sep/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.29 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | 2020-09-09_2.5.29.attr_assignment_on_assignment_with_values.png |
Description |
The "Attribute Assignments" table that is show when assigning attributes to a Membership needs a bit of padding/spacing to make it make sense.
The "Enabled?" column sometimes has the "Assignment values" because there is no "Group" value for some rows. |
[GRP-2944] There is a group that is used as a Deny group for 3644 composite groups. I can navigate to the folder with the group. But when I try to "open the group".... the browser "times out" at exactly 60 seconds. Created: 02/Sep/20 Updated: 02/Sep/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
I have stumbled into an odd thing in my prod instance. There is a group that is used as a Deny group for 3644 composite groups. I can navigate to the folder with the group. But when I try to "open the group".... the browser "times out" at exactly 60 seconds. NOTE: I believe there are no members in the group. Any ideas on how to "fix that"? So it tops this query.. |
[GRP-2329] UI loader job does not select all valid PSPNG ldap configurations Created: 18/Sep/19 Updated: 22/Jul/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | 2.5.34 |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
REF: " If you use .ldapUrl, for instance, you can't create an LDAP loader job from the UI. It's looking for ".url" not ".ldapUrl" so the paragraph won't be visible. Note the pattern on 286 in GrouperLoaderContainer.java. " |
Comments |
Comment by Carey Black (osu.edu) [ 22/May/20 ] |
I suggest a single consistent set of properties be chosen by the project and that the consistencies include all "target systems". |
[GRP-2885] Configuration UI sorting, grouping and filtering Created: 16/Jul/20 Updated: 16/Jul/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Erik Coleman (illinois.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
It would be more helpful if there was a way to do any of the following in the configuration UI: (A) Filter only on certain filled-in attributes, such as only those in database, or in .properties file and/or the ability to suppress anything with <NotSet>. (B) Sort parameters alphabetically. There seems to be randomness in how they are sorted. (C) Group together all parameters by subclass. ie., changelog.consumer.<consumerID> or subjectAPI.source.<sourceid> params are sometimes together, but some others are way at the bottom of the list, in no particular order. Would be nice to be able to see (or even visually collapse) the list of params specified for a particular subject source. |
[GRP-2867] Show membership create date and who created the membership on the "Edit membership and privileges" sub page Created: 01/Jul/20 Updated: 01/Jul/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.29 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
It is really hard to find who created a membership and when the membership was created in the UI. One place it could be surfaced would be the "Edit membership and privileges" sub page. That page already gets data about the subject ( Unique ID, Email, Name, Description ) and shows any 'Start date' or 'End date' for the membership. I would like to see the create date and who created the membership as well. Or it could be added to the group member List in "advanced" mode? |
[GRP-2857] Users with "Create" privileges in a folder can see "Reports" on the "More Actions" button.. .only leads to an error message. "Error: not allowed to administer folder:" Created: 25/Jun/20 Updated: 25/Jun/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.29 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
When a user with only "Create" privileges on a folder try to use the "Reports" function on the "More Actions" ( menu/button ) the user is given an error of: If the user can not use the option, then it should be suppressed from the UI for the user. |
[GRP-2796] provide an option such that when i select a folder/group from the graph ui that it opens it in a new window? Created: 14/May/20 Updated: 14/May/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.28 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Michael Gettes (ufl.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Please, provide an option such that when i select a folder/group from the graph ui that it opens the folder/group in a new window? |
[GRP-2605] Selecting a group from the graph UI fails to display the group Created: 27/Feb/20 Updated: 12/May/20 |
|
Status: | Resolved |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0 |
Fix Version/s: | 2.5.28 |
Type: | Bug | Priority: | Major |
Reporter: | Michael Gettes (ufl.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
latest image: a93u56w11p12 |
Issue Links: |
|
Description |
viewing the graphUI (visualization) and i select a group from the UI and I get a blank-ish page (header only) and the following in the log: 2020-02-27T18:18:08+00:00 UI:dev httpd;access_log;grouper_dev;ui;10.247.10.209 - gettes@ufl.edu [27/Feb/2020:13:18:08 -0500] "POST /grouper/grouperExternal/public/OwaspJavaScriptServlet HTTP/1.1" 200 55 "https://groups-dev.it.ufl.edu/grouper/grouperExternal/public/UiV2Public.index?operation=UiV2Public.postIndex&function=UiV2Public.error&code=ajaxError" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.100 Safari/537.36 OPR/67.0.3575.31" |
Comments |
Comment by Chad Redman (unc.edu) [ 12/May/20 ] |
Duplicated by GRP-2753. The underlying issue was creating a grouper session outside of a try/finally block. |
[GRP-2616] Add optional Content-Security-Policy header to UI Created: 17/Mar/20 Updated: 12/May/20 |
|
Status: | Resolved |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.0 |
Fix Version/s: | 2.5.28 |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The Content-Security-Policy header tells the browser which external sites a page is allowed to access for css, javascript, images, etc. It can get flagged by security scans as missing. Tomcat by default sets some reasonable security headers, but the CSP isn't one of them, or even supported at all at the server level. Everyone needing this in Tomcat is expected to write their own servlet filter to add it.
|
Comments |
Comment by Chad Redman (unc.edu) [ 17/Mar/20 ] | ||||||||||||||
This is the csp header that is working for us at UNC. Grouper needs inline javascript including evals.
| ||||||||||||||
Comment by Chad Redman (unc.edu) [ 07/May/20 ] | ||||||||||||||
This could have been done with a grouper property, and then adding some code in GrouperUiFilter to add the header. But creating a separate Filter class is more effective, because it can be configured to apply to all pages, not just the ones covered by the GrouperUiFilter. To enable, add this to web.xml:
|
[GRP-2753] Visualization can't open object through links Created: 05/May/20 Updated: 12/May/20 |
|
Status: | Resolved |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0.patch, 2.5.0 |
Fix Version/s: | 2.5.28 |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Issue Links: |
|
Description |
I thought I had added the visualization links to the CSRF whitelist, but I don't see it. This needs /grouperUi/app/UiV2Visualization.groupView?* added to the whitelist, and then the errors should stop. |
Comments |
Comment by Chad Redman (unc.edu) [ 06/May/20 ] |
The real issue was that it was starting a new Grouper static session. Through a lot of dependent code, this caused the json builder for ajax to convert the user to a member, which had memberships, which threw errors when calling EVERY get method on a membership. Solution seems to be to put the session in a try/finally block. |
[GRP-2775] group restore and graph counts over time. Created: 08/May/20 Updated: 09/May/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.27 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Michael Gettes (ufl.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
from slack: |
Comments |
Comment by Carey Black (osu.edu) [ 09/May/20 ] |
I generally like this whole idea. What I am concerned about is the complexity of "time travel". RE: 1) a “point in time” restore. If the "restore to T3" was selected then the process would create new events ( changes to the group ) of Basically "automatically pressing the "undo" button on events from the PIT log of group. And the new events would be sent to CLC as "normal". Then you end up with a branch in the timeline at T2 where a new "T6" starts. If you then "rewiind" to T1 at some later date I would think that T3,T4 and T5 should NOT be in the "undo button of events" list. ( But they would be in the linear timeline from T100 back to T1. ) So maybe it could be done.. if a PIT is marked as "already undone" then it could be skipped later...... I guess I think this really should be the same as "3) “play backward”" IMO. If the point of "restore to a point in time" is to just "get the old list of members" an "replace the group with that set" Then lots of "add/removes" might be skipped which could break CLC's until a "full sync" process squares things up again. And if that is the desire... then how about a way to "export members to file from a Point in time"? Then the user could "throw file at server" or figure out the delta and do something else on the remote side too. If there was also a "delta between point in time X and point in time Y" that could be helpful to see the "adds/removes" across time. ( And might be helpful to correct errant systems due to other kind of "external to Grouper" issues. ( System restore due to external systemDB failure, etc...) RE: 2) “play forward” |
[GRP-1465] Folder/Group Structure template Created: 18/Jan/17 Updated: 08/May/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
All (Feature request) |
Description |
It would be very helpful if a Grouper install could be configured to have a set of "predefined structures" that could be used to quickly create a new variant of that predefined structure. I am trying to use "folder1:XXX" to show relitive group/folder names" and "REF:...: " to show absolute references to things outside the scope of "folder1:..." A very simple example of a template: This is a single folder template. ( but it could be a structure of folders) The "folder1:Users" group is a subtraction of "folder1:Allowed" - ( folder1:App Exclude Group + REF:REF2:REF4:REFN...:"master Exclude group") Folder1
The string for "Folder1" would be definable as the "New template" is created in the UI. [ It would be great if the strings could have a "variable replacement model" It would also be greate if ANY name in the template should support this kind of "place holder"/"Prompt string" concept. And the value should only be prompted for once. AKA: only one "New App Name" value will be collected, but it will be substituted into as many folder/groups/attribute values where the $$$New App Name$$$ exists in the template. However, the sub groups/folders and their predefined permissions (relative to "Folder1") would not be editable during the creation of the "APP-BOBsApp" folder. And the predefined members of other groups outside of "Folder1" would be auto added to the new folder/groups being built. This would allow a "Grouper Admin" to "template" a structure (of folders/groups) that would be created (new) or referenced existing (hard coded from outside of "folder1"). This "Template" could be identified as a "folder" (or Group) template. Then Users who are allowed to "Add" (group or folders) could select a template in the "Add a new Folder/Group/Template" process. If the logic is done generically enough, an "Extract Template" could also be added to use existing folder/group structures to create a new Template too. ( Basically clone what exists, make relative reference where possible and leave all other "external refs" in tact as "hard coded" pointers in the template. A Grouper Admin could then refine/correct the template as needed to make it more generally useful.) I am picturing a "template" folder/branch similar to the Grouper Administration -->attribute folder to store the template definitions and allow the Grouper Admins to edit/maintain them there. |
[GRP-2766] provide for deleting empty groups in UI Created: 07/May/20 Updated: 07/May/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.27 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Michael Gettes (ufl.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
From Slack: |
Comments |
Comment by Chris Hyzer (upenn.edu) [ 07/May/20 ] |
can you please give a specific flow of what screen and button and text and options the user should see? Thanks! |
[GRP-2735] Ui loader diagnostics for SUBJECT_ID_OR_IDENTIFIER reports error Created: 02/May/20 Updated: 05/May/20 |
|
Status: | Resolved |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0, 2.5.0 |
Fix Version/s: | 2.5.27 |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Wiki states that a group loader can have a column for SUBJECT_ID_OR_IDENTIFIER. However, when running diagnostics in the UI, there is an error. SQL:
Error
|
[GRP-2736] Membership tab ( on Members, Groups, etc...) should have more "sort/filter" options Created: 02/May/20 Updated: 02/May/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
I find myself often wanting to answer questions like: If the default filter options could allow / help a user know the above it would be much more helpful than the existing UI list filtering. Specifically, the following would be helpful: Limit to: ( prefer drop-down lists based on values from the data set, Created by user : Null allowed for "all" or a drop-down lists of all users who created the object(s) being filtered. Examples: Creators of all members in a group, Creators of all objects in a Stem, |
[GRP-2683] Package base properties into their respective jars Created: 15/Apr/20 Updated: 22/Apr/20 |
|
Status: | Resolved |
Project: | Grouper |
Component/s: | API, provisioning, UI, WS |
Affects Version/s: | None |
Fix Version/s: | 2.5.23 |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
If you use grouper jars outside of the container, you no longer need to have the base properties file in the classpath. Just use the jar and you can have the non base properties file in the classpath. In fact, if you use a base properties file in your classpath, you might want to remove it, so when you upgrade the jar you automatically get the new base properties (in the jar). If you need to refer to the base properties file, you can unzip the jar and grab it, or you can git it from git. |
Comments |
Comment by Chad Redman (unc.edu) [ 15/Apr/20 ] |
The only one missing properties was the grouper jar. These are now added to the jar:
GrouperClient and activeMq already had their base properties packaged. |
Comment by Chris Hyzer (upenn.edu) [ 16/Apr/20 ] |
i assume this will be fixed in 2.5.23. |
[GRP-2416] folder menu tree add options to limit attributeDef and attributeDefNames Created: 09/Nov/19 Updated: 17/Apr/20 |
|
Status: | Resolved |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.4.0 |
Fix Version/s: | 2.4.0.patch, 2.5.0 |
Type: | New Feature | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
There are existing grouper-ui properties to limit the number of stems (uiV2.treeStemsOnIndexPage:30) and groups (uiV2.treeGroupsOnIndexPage:30) that are displayed in the folder menu tree. The tree also displays attributeDef and attributeDefName items. But there is a hard limit of 10 items, and this is in Java code and not configurable. |
Comments |
Comment by Chad Redman (unc.edu) [ 09/Nov/19 ] |
master branch 24e90474. Should this be a 2.4 patch? |
Comment by Chad Redman (unc.edu) [ 17/Apr/20 ] |
2.4 patch grouper_2_4_0-a84-u52-w10-p12 |
[GRP-2489] add optional entity (subject) input to group or folder visualization Created: 18/Dec/19 Updated: 16/Apr/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | GRP-2489Idea0.png GRP-2489Idea.png image-2019-12-19-10-03-09-646.png |
Description |
you take a policy, you input a person, and it lights up red and green with where the user is in or not in groups. you can more easily see why the user is in or is not in the policy...
|
Comments |
Comment by Chris Hyzer (upenn.edu) [ 19/Dec/19 ] |
Jeffrey Williams (uncg.edu) Yes, there are multiple ways to analyze a membership. Maybe there should be a link there too. But dont you think the entity combobox should be at the top of the visualization screen instead? Thanks |
Comment by Jeffrey Williams (uncg.edu) [ 19/Dec/19 ] |
Some thoughts: I like the idea of this functionality and think it is great for illustrating to others how an entity's membership flows through a policy. Do we think there is a desire to have a traceMembership style of presentation as well? It's possible the two can be combined on one page, but a separate presentation would certainly work.
Next thing I thought of was where more casual users would have occasion to ask this question. First that came to mind was while using the the membership filter. During filtering events where a filter for an entity returns 0 results, but a user would like to know why a user isn't there(screengrab illustrates a population group, which may also be applicable), a link could be presented to kick off the analysis for that particular entity.
Also, if a user knows an entity is not in a policy up front and wants to know why, perhaps we can re-use the filter menu and add an additional drop-down to switch between filtering actions and policy membership analysis?
|
Comment by Chris Hyzer (upenn.edu) [ 19/Dec/19 ] |
yes, the more the better as far as where to look for features Chad, lets discuss this before starting |
Comment by Jon Miner [ 26/Dec/19 ] |
I love this idea, both ways. The visualization would be great (and drilling down ad infinitum), but our support (service owners and HD) often just want to look at a group and see which of the groups (presumably ref groups, but maybe just other groups they've created) someone is in or isn't in, not recursing. I'm comfortable (especially in v1) making them click in to the next group (assuming they have READ, if not, they can't) to continue looking, as it'll help reduce confusion and assumptions (especially from HD who can see a bunch of things that they don't necessarily understand). |
[GRP-2490] permission names not in left tree menu Created: 18/Dec/19 Updated: 16/Apr/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
I sent an email that I didnt want to be in Jira with an example screenshot... |
Comments |
Comment by Chris Hyzer (upenn.edu) [ 18/Dec/19 ] |
From: Hyzer, Chris
Well the jira is there we can troubleshoot at some bug roundup, no biggie. Maybe the AttributeDefNameFinder defaults to “attribute” type…
From: Redman, Chad <chad_redman@unc.edu>
They should show up if they are returned by AttributeDefNameFinder() and have ATTR_VIEW_PRIVILEGES for the subject (unless there is a bug). Are permission names different enough that they wouldn't be returned by that? I'm not familiar with them. They just happen to have the same icon?
From: grouper-core-request@internet2.edu [grouper-core-request@internet2.edu] On Behalf Of Hyzer, Chris
Does left menu show attribute names but not permission names (which are a type of attribute name)? See its not in left folder? |
[GRP-2491] add "implies action" visualization Created: 18/Dec/19 Updated: 16/Apr/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
For an attribute definition, if it is of type "permission", then add a "More actions" menu item that is "Visualization" That subpage should allow two possibilities
Here is example from legacy applet just for reference, doesnt need to be anything like this https://www.youtube.com/watch?v=DzBvOteaXJM Actions should point from the action that implies the other action to the action it implies (container to containee) The permission actions UI tab should have a simple link to Visualize all actions These visualizations should have similar controls as the other visualizations where it has max elements (e.g. 1000), and can share or have other configs as needed. Simpler the better though
|
[GRP-2492] add "implies resource" visualization Created: 18/Dec/19 Updated: 16/Apr/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
For an attribute definition, if it is of type "permission", then add a "More actions" menu item that is "Visualization" That subpage should allow two possibilities
Here is example from legacy applet just for reference, doesnt need to be anything like this https://www.youtube.com/watch?v=DzBvOteaXJM Attribute names that are from a permission def which is of type "permission" should have a Visualize button in the "More actions" that visualizes that one permission name in both directions (implies and implied by) These visualizations should have similar controls as the other visualizations where it has max elements (e.g. 1000), and can share or have other configs as needed. Simpler the better though Link the visualization from the resource hierarchy screen
|
[GRP-2493] add Grouper permission role hierarchy visualization Created: 18/Dec/19 Updated: 16/Apr/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
For groups that are roles, in the existing visualization screen, there should be a submenu to be able to visualize role hierarchies. arrows from roles to the roles whose permissions they absorb e.g. from Superadmin -> Admin For folders, in visualization, have a visualization option in the visualization screen that allows visualization for all roles in that folder (and subfolder). find groups which are also roles in one query. link from role hierarchy screen UiV2Main.index?operation=UiV2Role.roleEditInheritance&groupId=8496 |
[GRP-2664] all daemon jobs screen add filter by number of changes Created: 10/Apr/20 Updated: 10/Apr/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.5.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
In a loader job that runs frequently, there are a lot of log rows that don't show anything interesting. If it had the ability to filter out logs where there were no changes, it would make it quicker to locate the runs where the job made some change. Maybe separate filters for add/update/delete, for minimum count to include in the results? |
[GRP-2633] Status url ( maybe something in the UI for "admin/Wheel only users") to verify the current group version with the "latest info" about that version. Created: 01/Apr/20 Updated: 01/Apr/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Since the current plan is for people to manually check a wiki page it would be helpful if that was baked into the "Grouper monitoring" process too. This would allow deployed versions to:
|
[GRP-2611] Loader jobs should be able to add attributes and values to Groups or memberships that are loaded Created: 06/Mar/20 Updated: 06/Mar/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
It would be helpful to be able to load "meta data" onto groups and/or memberships via loader jobs.
use cases could include data (for groups or memberships) like: "Last refreshed/updated" |
[GRP-2610] Workflows should support uploading/downloading files as input types Created: 05/Mar/20 Updated: 05/Mar/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
There are several examples of workflow that would benefit from either providing a file to a user/group or collecting a file from a user/group. Something like an Question / answer kind of thing. where who answers is decided at run time by the person asking the question. An example might be ... "Hey Chris... give me your public key" and I will add it to the server." Or "Hey Application Owner team. Review this file and approve as is, or upload an updated file." |
[GRP-2581] incremental SQL Loader job - grouperLoaderGroupsLike to support multiple patterns Created: 05/Feb/20 Updated: 05/Feb/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | grouperLoader, UI |
Affects Version/s: | 2.4.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Michael Gettes (ufl.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
containers - latest |
Description |
We build loader jobs based on function... so we make heavy use of SQL_GROUP_LIST and thousands of groups being managed. BUT, when we have to manage groups in various parts of the tree, grouperLoaderGroupsLike becomes problematic within a single loader job. We would like to be able to specify multiple patterns for grouperLoaderGroupsLike. This would allow us to distill 8-12 distinct loader jobs into a single loader job. while the loader job is complex SQL it simplifies the management of loader jobs over all. |
[GRP-2564] Internationalization broken by grouper_v2_4_0_api_patch_55 and grouper_v2_4_0_ui_patch_34 Created: 24/Jan/20 Updated: 31/Jan/20 |
|
Status: | Reopened |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Major |
Reporter: | Olivier Salaün | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Grouper 2.4.0 |
Attachments: | Capture du 2020-01-30 17-13-56.png grouper-ui-patch-33.png grouper-ui-patch-34.png |
Comments |
Comment by Olivier Salaün [ 24/Jan/20 ] | ||||||||||||||||
We noticed that Grouper 2.4.0 with latest patches applied fail to apply internationalization on Grouper UI. Looking at latest commits on the project we suspected this one: https://github.com/Internet2/grouper/commit/9e68666d079e2288b602fe4f2f7486fa7751feac#diff-4766db6beeb0239bb2ad7260fbbc7896
We had the confirmation that grouper_v2_4_0_api_patch_55 and grouper_v2_4_0_ui_patch_34 introduced the bug as follows:
No significant error found in Grouper logs. Attached are screenshots showing the translations problem. | ||||||||||||||||
Comment by Chris Hyzer (upenn.edu) [ 24/Jan/20 ] | ||||||||||||||||
it works, but you need to adjust it to this. then keep your file as is:
grouperText/grouper.text.fr.fr.properties
| ||||||||||||||||
Comment by Olivier Salaün [ 27/Jan/20 ] | ||||||||||||||||
Hi Chris, thank for your answer.
I tried renaming grouper.ui-2.4.0/dist/grouper/WEB-INF/classes/grouperText/grouper.text.fr.fr.properties to grouper.ui-2.4.0/dist/grouper/WEB-INF/classes/grouperText/grouper.textNg.fr.fr.properties. I also adapted grouper.ui-2.4.0/dist/grouper/WEB-INF/classes/grouper-ui.properties as follows :
Then restarted tomcat. But the Grouper UI is still in English. Did I misundestood your suggestion? | ||||||||||||||||
Comment by Olivier Salaün [ 28/Jan/20 ] | ||||||||||||||||
I also checked grouper.ui-2.4.0/dist/grouper/WEB-INF/classes/grouperText/grouper.textNg.fr.fr.base.properties and it starts with:
Therefore my initial grouper-ui.properties below should do the job too:
But none seems to have any effect. Any way I could determine if the problem is either related to message catalog loading or locale configuration? | ||||||||||||||||
Comment by Olivier Salaün [ 29/Jan/20 ] | ||||||||||||||||
I'm afraid I'm not familiar enough with Grouper code to dig into https://github.com/Internet2/grouper/commit/9e68666d079e2288b602fe4f2f7486fa7751feac#diff-4766db6beeb0239bb2ad7260fbbc7896. Not applying grouper_v2_4_0_api_patch_55 and grouper_v2_4_0_ui_patch_34 would be an option, but I guess many newer patches rely on these.
| ||||||||||||||||
Comment by Olivier Salaün [ 31/Jan/20 ] | ||||||||||||||||
I did some remote debugging of the code (with grouper_v2_4_0_api_patch_55 and grouper_v2_4_0_ui_patch_34). In GrouperConfig::textBundleFromCountry() method the loop through properties only finds grouper.text.bundle.1.filenamePrefix | ||||||||||||||||
Comment by Olivier Salaün [ 31/Jan/20 ] | ||||||||||||||||
Eventually I got it: grouper.text.bundle.* properties are no more loaded from grouper-ui.properties but from grouper.base.properties. It would be a good idea to:
|
[GRP-2575] UI (maybe WS too?) ability to bulk add list of Groups to a folder from a "CSV"/"copy and paste" inputs Created: 31/Jan/20 Updated: 31/Jan/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Much like the ability to add a list of members to a group in bulk. There are times when a "set of groups" or a "set of folders" need to be created too. It would be helpful ( to some users ) to be able to do these operations in "one action" from "a list". |
[GRP-2569] Provide ability to kill a specific job/task/thread within Loader. Created: 27/Jan/20 Updated: 27/Jan/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | daemon, UI |
Affects Version/s: | 2.4.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Michael Gettes (ufl.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Provide API and UI for killing a specific "job" within the loader. Other job, a CLC, whatever. |
[GRP-2567] No busy spinner on large subject add in UI Created: 24/Jan/20 Updated: 24/Jan/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Major |
Reporter: | Michael Gettes (ufl.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
tier image 2.4 latest |
Description |
on adding members of size to a group via Add Members there is no visual queue (the spinner - whatever you call it) on pressing submit button. |
[GRP-2552] Visualization: error when user graphs and something isn't accessible. Created: 10/Jan/20 Updated: 17/Jan/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Michael Gettes (ufl.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
tier image 2.4.0 latest |
Attachments: | image001.png |
Description |
see image of error presented when someone tries to graph and they don't have access to a subject.
|
Comments |
Comment by Michael Gettes (ufl.edu) [ 10/Jan/20 ] |
|
Comment by Michael Gettes (ufl.edu) [ 17/Jan/20 ] |
Removing height width and viewbox from the dot output allowed me to generate an svg I could properly view and print outside of grouper.
|
[GRP-2536] all daemon jobs screen should allow to run daemons without overall status or most recent status of SUCCESS Created: 06/Jan/20 Updated: 06/Jan/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-2534] security.show.folders.where.user.can.see.subobjects should default to false Created: 05/Jan/20 Updated: 05/Jan/20 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | 2.5.0 |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
grouper.properties: better performance for large deployments
security.show.folders.where.user.can.see.subobjects = false |
[GRP-2494] make ui ipv6 friendly Created: 20/Dec/19 Updated: 20/Dec/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
----
GrouperUtil.ipOnNetwork() doesn't work for IPv6 subnets. The
// might work for ipv6?
works if I have the exact IP specified. There's nothing in the documentation to suggest that IPv6 is mostly broken with this regard. There are some libraries out there that you could possibly use to calculate the v6 subnets, but updating the grouper-ui.properties configuration file to state that v6 has to be per IP would be helpful for future people looking at this.
If you need a test case, my values are:
grouperUi.configurationEditor.sourceIpAddresses = 2001:4930:106::0/122
with my IP being 2001:4930:106::20
Thanks.
Richard |
[GRP-2484] Graph UI Created: 13/Dec/19 Updated: 13/Dec/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Major |
Reporter: | Michael Gettes (ufl.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
As proposed and discussed at Advanced CAMP TechEx19 - a Graph UI based on the "visualization" code to navigate grouper for folders and groups. When opening a group, open a new page using the existing UI (what is nominally referenced as the "new UI"). Preferences for navigation would impact the radius of what is displayed. Using D3 - dynamically adding nodes to the graph would be nice or switching to a new focal point in the graph should be possible. It may be necessary to maintain cached group counts in group objects to speed up operations. |
[GRP-2479] attestation coverage report(s) Created: 06/Dec/19 Updated: 06/Dec/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | daemon, UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Attestation is a great start. However, I am seeing a need to be able to report on attestation, and to be able to do attestation on another significant part of the Grouper system. ( group math )
General goal is to have all memberships of a group to be attested. However since the memberships (and parts of the group math) may be controlled by others, the map of who needs to attest can get complicated and hard to configure on a "group by group" basis.
What I propose is a new feature that would allow a user to configure an "attestation coverage report" for a "primary" group. Such that two distinct things would be reviewed and attested. However since some of the memberships maybe the result of "group math" those groups in the math may not need attested directly by the managers of the "primary group". Rather the "reference groups" and "system of record" groups that feed into the "group math" need to have their memberships attested buy their own managers. I think the challenge would likely be due to the possibility that some of the group may may not be visible to the "primary group". ( deny groups, for example )
Due to the complexity of configuring this and the possible privilege driven limits this kind of an "audit function" should be built into Grouper for users to "turn on/off" and "lightly configure" to meet their needs. And using the group type values and/or privileges to help drive this logic seems to be the right way to guide the function/separation of the boundaries for recursive lines of attestation in the group math. |
Comments |
Comment by Angel Fancher [ 06/Dec/19 ] |
It's an absolutely marvelous idea. Attestation is already wonderful, but being able to get that in addition to it would be wonderful and make reporting quite a bit easier. |
Comment by nick.roy@at.internet2.edu [ 06/Dec/19 ] |
This feature would help us manage group memberships for the InCommon Federation Manager much more easily as well. |
[GRP-2438] Add time picker UI component Created: 21/Nov/19 Updated: 21/Nov/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The UI currently is using an open source widget for a date picker. But we do not have one for a time picker. This would be for use in various reporting filters. The dijit project has its own date and time pickers, but Grouper only pulls a minimal set of widgets from it for performance, and it doesn't include the date and time pickers. |
[GRP-2387] Improve UI by allowing group member list to include subject source. Created: 28/Oct/19 Updated: 28/Oct/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Jeffrey Crawford | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 2 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Production |
Description |
Following the design on the Grouper Tier Deployment guide. If a group has a lot of members that are other groups. It would be helpful to see the list of members based on subject source. Bonus points for allowing the user to filter on multiple subject sources. |
[GRP-2385] UI config screen doesnt show config items which are not in the base config Created: 28/Oct/19 Updated: 28/Oct/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-2377] Problems with UTF-8 display in UI Created: 25/Oct/19 Updated: 25/Oct/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Paul Engle (rice.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
tier/grouper:2.4.0-a77-u49-w10-p11-20191024-rc1 docker image |
Attachments: | Grouper_UTF8.png GRP-2377_headers.txt |
Description |
I'm testing the latest grouper 2.40 docker image, only overlaying our subject.properties, grouper.hibernate.properties, and grouper-loader.properties. For a subject with a UTF-8 first name, I'm seeing it displayed properly in the header 'Logged in as' name, but not in the main body of the page. I'll attach a screenshot of the subject view I'm seeing. I can include our subject.properties, if need be. Chris also asked for headers, so I'll attach those, too, but there's not much there. The name is stored correctly in the database.
I tried rolling back to our container built from an earlier image (tier/grouper:2.4.0-a29-u14-w3-p2-20190217-rc1), and the problem was still there.
|
[GRP-2361] ui for import / edit / delete database configuration Created: 17/Oct/19 Updated: 17/Oct/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | 2.4.0.patch, 2.5.0, 2.4.1 |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-2046] Java 11 compatibility Created: 27/Feb/19 Updated: 16/Oct/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, grouperClient, UI, WS |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Between Java 8 and 11, some classes have moved out of of the Java runtime. To run with Java 11, these need to be supplied as standalone libraries. Also, some libraries may need to be upgraded to be compatible. Jim Fox reports that the UI is working fine for them after a few adjustments
|
Comments |
Comment by cer28 [ 27/Feb/19 ] | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
My quick testing, needed these to get gsh to work: (new) javax.xml.bind:jaxb-api:2.3.1 There is no longer a groovy-all jar. It's split up into 21 different jars, and we probably don't need all of them (e.g. the test jars). This was enough to get gsh working, but I haven't tested the UI yet. The grouperClient build deprecation warnings are about the same as before, so the com.misc.Unsafe calls haven't gone away, despite the threats. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Comment by Chad Redman (unc.edu) [ 29/Jun/19 ] | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Build errors with grouper-client and openjdk 11.0.2. It won't build at all with ant's javac source/target set to 1.5. This is what it gives when changing to 1.8:
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Comment by Chad Redman (unc.edu) [ 16/Oct/19 ] | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Per discussion, we will remain on Java 8 for version 2.5 |
[GRP-2355] ability for a group to be configured to only SEARCH and ALLOW subjects from a list of Subject Sources. BONUS if you can restrict the members to a Grouper Local Entities (or groups) in a specific folder/sub folders too. Created: 05/Oct/19 Updated: 05/Oct/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Major |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Similar to the "requiredGroup" feature, However, configuration based on the group that limits the ability for users to select members and supports the same kind of limits for Grouper Local Entities as well.
This would be a good way to allow "service accounts" for a target provisioned system to be defined ( as local entities ) and restricted to only be usable in the groups that would be provisioned to the system where those accounts exist.) |
[GRP-2353] if visualization folder has same name as type, just show once Created: 04/Oct/19 Updated: 04/Oct/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2019-10-04-13-12-02-210.png |
Comments |
Comment by Chris Hyzer (upenn.edu) [ 04/Oct/19 ] |
|
[GRP-2351] advanced memberships search should do subject filtering Created: 04/Oct/19 Updated: 04/Oct/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 2 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Allow filtering by subject source, or something like non-group subjects |
[GRP-2341] deamon search field cant find 'workflow' Created: 29/Sep/19 Updated: 29/Sep/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
when i search for "workflow" on the daemon search screen, i dont see the two workflow jobs... |
[GRP-2339] error creating group that used to exist with same name Created: 27/Sep/19 Updated: 27/Sep/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Error creating group: Subject not found: 'g:gsa': '0b2fb27edfca4a2daa7dfb6a24588815', Problem in HibernateSession: HibernateSession (2b0c9c): notNew, notReadonly, READ_WRITE_NEW, activeTransaction, session (1ffaff3), Problem in HibernateSession: HibernateSession (14001dd): new, notReadonly, READ_WRITE_NEW, notActiveTransaction, session (1ffaff3), Problem saving group: penn:presidentsOffice:archives:etc:archivesAdmins, thread: 1e4b831
hmmm, cant find stack |
Comments |
Comment by Chris Hyzer (upenn.edu) [ 27/Sep/19 ] |
there is no stack because subject not found. error is because rule for privs is now invalid. |
[GRP-2249] member batch import incompatible with content security policy blocking iframes Created: 15/Jul/19 Updated: 27/Sep/19 |
|
Status: | Resolved |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0, 2.4.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Our institution adds a content security policy header to Grouper pages at the web server level. We have had to allow inline scripting including evals, which is fine. We have not enabled iframes, which for the most part has no problems. But it does affect the "import a list of members" page, which no longer works because browsers refuse to do the ajax call since it creates a temporary iframe. CSP Header:
Browser debugger log:
I only see the iframe being set as an option for the ajax call. If this setting is removed, does the file upload still work? Or does the ajax file upload create its own frame no matter what, so the only solution is to modify the content security policy?
|
Comments |
Comment by Chad Redman (unc.edu) [ 15/Jul/19 ] | ||||||||
Confirmed through browser debugger that the iframe option isn't necessary for file uploads. grouperUi.js:guiSubmitFileForm():2110
| ||||||||
Comment by Chad Redman (unc.edu) [ 15/Jul/19 ] | ||||||||
ref: https://github.com/jquery-form/form#iframe
I think we are always using xhr, right? | ||||||||
Comment by Chris Hyzer (upenn.edu) [ 15/Jul/19 ] | ||||||||
i think for ajax you need an iframe right? I dont remember the specifics, but we added that to solve some issue. If you can get it to work without the iframe go for it | ||||||||
Comment by Chad Redman (unc.edu) [ 02/Aug/19 ] | ||||||||
Do you remember what the issue was? If I comment out the iframe option, the upload still works. | ||||||||
Comment by Chris Hyzer (upenn.edu) [ 20/Aug/19 ] | ||||||||
fixed in grouper_v2_4_0_ui_patch_44 |
[GRP-2299] LDAP loader Updaters and attrUpdaters field using same value Created: 25/Aug/19 Updated: 27/Sep/19 |
|
Status: | Resolved |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0, 2.3.0.patch |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | GRP-2299.png |
Description |
When updating an LDAP loader job in the UI, the "Updaters" and the "Attribute updaters" are using the same field name. Thus, whatever is put into the updaters field also becomes the attribute updaters. See attached image |
Comments |
Comment by Chris Hyzer (upenn.edu) [ 27/Sep/19 ] |
fixed in grouper_v2_4_0_ui_patch_44 |
[GRP-2300] LDAP loader in UI shows subject attribute as required differently from wiki Created: 25/Aug/19 Updated: 27/Sep/19 |
|
Status: | Resolved |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0, 2.3.0.patch |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The wiki states for LDAP loaders: https://spaces.at.internet2.edu/display/Grouper/Grouper+-+Loader+LDAP
However, the UI shows this field is required (has the required field asterisk) for LDAP_GROUPS_FROM_ATTRIBUTES, and not required form LDAP_GROUP_LIST. For an attribute loader, you can still leave it blank and there are no errors, despite it looking required. For a group loader, however, it doesn't show it as required, but there is still a UI error of "Subject attribute name is required when loader type is LDAP_SIMPLE or LDAP_GROUP_LIST" if you don't put it in. |
Comments |
Comment by Chris Hyzer (upenn.edu) [ 27/Sep/19 ] |
fixed in grouper_v2_4_0_ui_patch_44 |
[GRP-2332] Inherited Privileges should be assignable for Local Entities Created: 20/Sep/19 Updated: 20/Sep/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Inherited privilages appear to only be applicable to Folder(stems), Groups, and Attributes. Now that Local Entities are UI objects that class of objects should be added to the inherited privileges types. |
[GRP-2326] grouper ui does not expand when there is a wide table inside Created: 15/Sep/19 Updated: 15/Sep/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
From: Black, Carey M. <black.123@osu.edu>
Chris,
What? You can't guess what HTML elements I was talking about? ( Really? 😊 Read my mind man! ) Sorry about that. I did test it. I swear I did. ( But I did not record the details. So I tested it in a non-reproduceable way. ☹ Grumble... bad user... bad.....)
( takes a second to clear his throat …. ) Take two....
Ok for the " Home > Miscellaneous > Loader jobs" screen it likely should "just overhang". But it works to show the idea that happens in the UI from time to time/place to place.
My setup ( in chrome ) The table (#grouperMainContentDivId > div.row-fluid > div > table) just goes off to the right. Add " table-layout:fixed;" to the element.style for the table. Add " overflow: scroll;" to the column(s) in the table. #grouperMainContentDivId > div.row-fluid > div > table > thead > tr > th:nth-child(9) #grouperMainContentDivId > div.row-fluid > div > table > tbody > tr:nth-child(1) > td:nth-child(9) ....
And the table no longer overhangs the "working area" div ( #grouperMainContentDivId > div.row-fluid > div ). Yes in this configuration you can also not see the Query value either. So don't "fix" that table that way. Maybe some columns could be suppressed so that only Group,Status,Actions,and Query could be an "advanced display" for this table?
But this may be a “better end user example”. (Yes, still contrived… but users do silly things some times.)
This looks "ok" ( ish )
but this over hangs.
#attributeDefNamesToDeleteFormId > table Add table-layout: fixed
And now the table stays in the div. ( Note: The cell(s) data does not, but the table does. And the width of the first and last columns are not a bit off too. )
Now “fix” these: #attributeDefNamesToDeleteFormId > table > tbody > tr > td:nth-child(3) Set " overflow: scroll;"
Oh.. and #attributeDefNamesToDeleteFormId > table > tbody > tr > td:nth-child(3) > a Remove white-space: nowrap;
Still not perfect… but contained by the outside div.
With a bit more work the first and last columns should be “more narrow” (width) to allow the “Folder” and “Attribute name” columns to have more % of the width. (But my css foo fails me at that point…)
Ok.. wait a second…. I think I have a better idea….
I think the problem is that the table header has “two rows” and it is confusing the display…
Starting over again from here: https://grouperdemo.internet2.edu/grouper_v2_4/grouperUi/app/UiV2Main.index?operation=UiV2AttributeDef.viewAttributeDef&attributeDefId=75cdfbdea6ec4dc4af84bd7bd847e50d
#attributeDefNamesToDeleteFormId > table > thead > tr:nth-child(1) ß I think is most of the problem. If you move that so that it is now here #attributeDefNamesToDeleteFormId > table > tr ( just above the thead )
AND #attributeDefNamesToDeleteFormId > table > tbody > tr:nth-child(2) > td:nth-child(3) > a Remove white-space: nowrap;
Then that looks much better to me. 😊
And we can take it one or two steps farther too…
body > div.top-container > div.container-fluid Remove max-width: 1100px;
body > div.top-container > div.container-fluid > div:nth-child(2) > div.span9.main-content.offset3 width= auto;
Hope that helps give you the picture. 😊
And if we circle back to the Loader Jobs screen with this idea…
body > div.top-container > div.container-fluid Remove max-width: 1100px;
body > div.top-container > div.container-fluid > div:nth-child(2) > div.span9.main-content.offset3 width= auto;
#grouperMainContentDivId > div.row-fluid > div > table Add table-layout:fixed
Add this as the first element in the table ( these could be better… maybe…) <colgroup><col width="15%"> <col width="10%"> <col width="10%"> <col width="5%"> <col width="5%"> <col width="10%"> <col width="10%"> <col width="5%"> <col width=""> </colgroup>
And the radical change…
Each row “Query” column: Move the SQL outside of the input box so the sql can wrap as text should…
#grouperMainContentDivId > div.row-fluid > div > table > tbody > tr:nth-child(1) > td:nth-child(9) Should contain the raw text of #grouperMainContentDivId > div.row-fluid > div > table > tbody > tr:nth-child(1) > td:nth-child(9) > input[type=text]
And if you want you can style the cell with “background: white” to be more like the input field “look”. And throw is “font-size: medium” too..
Maybe add “padding: 10px” too. ( not shown in the next image)
OK.. I did not change all of the rows Query cells…. But I think the picture shows enough…
I am not an accessibility expert. But I would be more than disappointed (and surprised ) if any of those css changes are detrimental to accessibility.
But if you want to discuss a few accessibility improvements… Well this is a long enough email for now. No I need to point at this one… https://todos.internet2.edu/browse/GRP-1816 ( circa 30/May/18 )
Can you ( with only the keyboard ) navigate to the drop down menu to get to the “Create new folder” option on that menu ?
Start with the url having focus and try to tab or arrow key (or any other keyboard key stroke) your way there. I don’t think you can do it.
However… body > div.top-container > div.container-fluid > div:nth-child(2) > div.span3.left-column > div.btn-group.btn-group-create.open > a.btn.btn-bigger.btn-create.dropdown-toggle Add a href=”#” to that a link and now you can. .. AKA GRP-1816.
And there are other things in the same ‘accessibility’ category too. I can give you more if you want to fix them. 😊
– Carey Matthew Black.123@osu.edu
----
Matt, Did you try this and it works? Do you have screenshots and let me know which elements you are adding styles to? The layout doesn’t use tables so im not sure what to try... I know it doesn’t look great but its functional and accessible 😊
---- From: grouper-dev-request@internet2.edu <grouper-dev-request@internet2.edu> On Behalf Of Black, Carey M. Sent: Wednesday, September 04, 2019 10:19 PM Subject: [grouper-dev] maybe a CSS "fix" for the UI table breaking out of the div?
All,
I am NOT a front end web guy. However... maybe this would work?
Add to the outer table in the working area table-layout:fixed;
Add to table columns: overflow: scroll;
Only tested in Chrome. YMMV. It appears to respond fairly to a resized window. (Collapses down to a single column and wraps the column values that need to be wrapped.)
HTH.
– Carey Matthew Black.123@osu.edu
|
[GRP-2189] Visualization: Add download as svg or png Created: 06/Jun/19 Updated: 30/Aug/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0.patch |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Currently the visualization page displays a textarea element containing the contents of the generated svg. The user can copy the output and save it as a text document, but it must be saved as UTF-8 otherwise extra spaces get corrupted and the file is not viewable. Better would be if a single button would show a dialog to save as a file. Maybe even save as a png for more convenient sharing? |
Comments |
Comment by Chad Redman (unc.edu) [ 17/Jul/19 ] |
converting to image plus triggering a download has been challenging to figure out. I found one library https://github.com/canvg/canvg which at least does the conversion. After including about 100k of js files, simply calling canvg(); on the page will convert any svg into an image. After that you can right click to view in a separate window or download as needed. Maybe we can add a button to convert it, and then flash a status message and disable it once converted. Would this be sufficient? |
Comment by Chad Redman (unc.edu) [ 19/Jul/19 ] |
I had something using the canvg library above, which works sometimes, but fails to convert the root node of my test database. So for 200 objects it works but for 300+ it's just an empty image. Probably it's over a size or a memory limit. I will put this on hold for now. |
[GRP-2304] copy folder issues with name Created: 28/Aug/19 Updated: 28/Aug/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2019-08-28-12-57-04-722.png |
Comments |
Comment by Chris Hyzer (upenn.edu) [ 28/Aug/19 ] |
|
Comment by Chris Hyzer (upenn.edu) [ 28/Aug/19 ] |
note the one that exists is not what is being asked for |
[GRP-2302] create screen to show attribute assignments from an attribute def Created: 27/Aug/19 Updated: 27/Aug/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-2294] status servlet fails to show some core jobs Created: 22/Aug/19 Updated: 22/Aug/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI, WS |
Affects Version/s: | 2.3.0, 2.4.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
To my eye.... grouper/src/grouper/edu/internet2/middleware/grouper/j2ee/status/DiagnosticType.java is out of sync (and missing report items) from: grouper/src/grouper/edu/internet2/middleware/grouper/app/loader/GrouperLoader.java
Specifically: } else if (StringUtils.equals(GROUPER_EXTERNAL_SUBJ_CALC_FIELDS, hib3GrouploaderLog.getJobName())) { ... }else if (StringUtils.equals(GROUPER_RULES, hib3GrouploaderLog.getJobName())) { ... }else if (hib3GrouploaderLog.getJobName().startsWith(GrouperLoaderType.GROUPER_GROUP_SYNC)) {
And the https://spaces.at.internet2.edu/display/Grouper/Grouper+diagnostics page likely needs to identify some new "jobs" (and some explanations of them) that likely need to be monitored too. SUCCESS loader_OTHER_JOB_upgradeTasks: ... SUCCESS loader_OTHER_JOB_grouperProvisioningDaemon: ... SUCCESS loader_OTHER_JOB_grouperObjectTypeDaemon: ... SUCCESS loader_OTHER_JOB_schedulerCheckDaemon: ... SUCCESS loader_OTHER_JOB_grouperReportClearDaemon: ... SUCCESS loader_OTHER_JOB_tierInstrumentationDaemon: ... SUCCESS loader_OTHER_JOB_grouperWorkfowReminderDaemon: ... SUCCESS loader_OTHER_JOB_attestationDaemon: ... SUCCESS loader_OTHER_JOB_deprovisioningDaemon: ... SUCCESS loader_OTHER_JOB_findBadMemberships: ... SUCCESS loader_OTHER_JOB_grouperWorkfowDaemon: .... |
[GRP-2106] Membership counts inaccurate when member has more than one membership Created: 17/Apr/19 Updated: 20/Aug/19 |
|
Status: | Resolved |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | 2.4.0.patch |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Issue Links: |
|
Description |
The visualization count of group members is calling MembershipFinder.findMembershipsMembers() to get a count of members. This counts memberships, not members, so that if a subject is a member via two different paths, it will be counted twice.
The member count on the group UI page is only accurate because it is looping through all the memberships and collating their associated subjects into a different set and counting the result. That solution is probably too resource-intensive to do for a large number of groups.
Using MembershipFinder.findMembers() is also inaccurate. The returned Set<Member>'s does return the unique set. But if query option retrieveCount is set, the count includes the duplicates.
|
Comments |
Comment by cer28 [ 17/Apr/19 ] |
Adding distinct to the relevant Hib3MembershipDAO query works. And it's returning a set anyway, so I don't know of any down side. Are there any? |
Comment by Chad Redman (unc.edu) [ 03/May/19 ] |
Visualization was changed to get counts a different way, so moving this out of the visualization issues. Recommend to move findMembers() out of MembershipFinder and into MemberFinder, since it's finding members and not memberships |
Comment by Chris Hyzer (upenn.edu) [ 20/Aug/19 ] |
fixed in grouper_v2_4_0_api_patch_71 |
[GRP-2047] 2.3 group membership list does not allow assignment of attributes to a membership. Created: 01/Mar/19 Updated: 17/Aug/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 2 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
grouper_v2_3_0_ui_patch_44 |
Description |
When viewing a group's members the "Actions" button for each membership does not have the "Assign attributes" option.
However, if you view the user ( by clicking on the "Entity Name" column). The "Memberships" tab's Actions menu does have an "Assign attributes" option.
Please add the "Assign attributes" option to the Group Memberships tab. |
Comments |
Comment by Carey Black (osu.edu) [ 17/Aug/19 ] |
Also affects 2.4 |
[GRP-2279] Membership graph Created: 16/Aug/19 Updated: 16/Aug/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Shilen Patel (duke.edu) | Assignee: | Shilen Patel (duke.edu) |
Resolution: | Unresolved | Votes: | 2 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Add a membership graph using point in time data to Grouper UI. |
[GRP-1855] grouperPatchStatusFile can't read patch file in a jar Created: 01/Aug/18 Updated: 12/Aug/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | 2.4.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
When the UI starts (this is in the startup, so may affect other modules), it logs error: 2018-08-01 15:20:50,413: [default task-2] ERROR GrouperVersion.patchesInstalled(440) - Error: cant process grouperPatchStatus.properties This is a non-fatal error. In our installation, our log4j.properties file is embedded in an included jar file. The GrouperVersion.grouperPatchStatusFile() assumes these are filesystem objects, so can't read them from other types of containers. This may need the same change as for the older subject.properties change – just change from files and paths to resources and uri's. |
[GRP-2266] Accessibility issue with Visualization Created: 08/Aug/19 Updated: 09/Aug/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2019-08-08-13-00-58-519.png |
Description |
Visualization uses only color to communicate the Left and Right groups in a complement composite. If the viewer is is color deficient then that meaning is lost for them.
Please change the line ( maybe use a dashed line style, and or a thickness of the lines ) to also indicated the Left and Right groups in the graphic. |
Comments |
Comment by Chris Hyzer (upenn.edu) [ 08/Aug/19 ] |
I think a thicker line works for me. Note, you can mouse over the arrows and get a description of the line
|
Comment by Carey Black (osu.edu) [ 09/Aug/19 ] |
Thanks for looking at this. I did not find the "mouse over" effect in my limited use of visualization so far. And to be clear the "mouse over" appears to only work on the arrow heads of the arrows. Not the whole arrow too. However, if you can not see the difference between the black arrows and the "red/green/blue/black" arrows, then the user would need to mouse over all the arrows to check for "mouse over" effects everywhere. ( not ideal to say the least )
As long as the size of the black, red, green, and blue (composite intersection) arrows are all visually distinctly different then I think that would be a reasonable solution. Basic visual accessibility rule: Never use color alone to communicate something. Instead use distinct: shapes, patterns, sizes, etc. to also indicate what the color could tell someone.
If it would be "easier" then maybe different arrow types should be used instead of thickness? REF: https://graphviz.gitlab.io/_pages/doc/info/arrows.html
And while you are at it... the "mouse overs" in the legend could gain some parity with the strings in the diagram. example: "complement_group -> complement_right_factor" is not as helpful as the diagram mouse over: "complement group $GROUP_NAME$ has group $GROUP_NAME2$ being Excluded as a right factor"
|
Comment by Chris Hyzer (upenn.edu) [ 09/Aug/19 ] |
another data point, there is a text-only version of the visualization. also the box does say if it is a complement or not. So I think right factors thicker, left factor thinner, and should be good, right? |
[GRP-1977] get rid of ui asmap classes and media.properties Created: 03/Jan/19 Updated: 07/Aug/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
We might be able to move the asmap classes (e.g. stemasmap) to the legacy UI source, and media.properties. Not sure if anything from the new UI is using it, but I assume not |
Comments |
Comment by mchyzer [ 03/Jan/19 ] |
and membership-export.xml and membership-import.xml files and config in grouper-ui.properties |
[GRP-2258] ability to block a folder from being "copied" in the UI. Created: 30/Jul/19 Updated: 30/Jul/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
It would be useful to have control over what options a UI user has for manipulating objects in grouper. ( in general )
An example would be to prevent users from being able to "copy a folder". It is possible that the folder copy may work, but other tasks/logic would be skipped too. Example: Folders created by a Template that sets access controls, attributes, etc. ( Same for work done by hooks and/or change log consumers )
Having a way to identify folders (and or groups?) that should "opt out" of that function would be helpful to users. |
[GRP-2255] GDG structure template should also deselect permission actions on groups Created: 22/Jul/19 Updated: 22/Jul/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Jeffrey Williams (uncg.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
tier/grouper:2.4.0-a47-u25-w5-p6-20190611 |
Attachments: | 2019-07-22 10_29_44-Mozilla Firefox (Private Browsing).png |
Description |
GDG structure template: deselecting groups does not automatically deselect (or outright remove) permission operations corresponding with those groups. Observed with org:app and org:org, most likely the rest. You can deselect the the permission operations manually and the template seems to complete with no issue, so the issue seems specific to the UI interface and not the underlying template logic.
|
[GRP-2248] grouper ui does not work in readonly mode Created: 15/Jul/19 Updated: 15/Jul/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-2243] My Services: change what clicking on a "service folder" does... Created: 03/Jul/19 Updated: 03/Jul/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Currently the click on a "My services" service can produce one of two things: 1) if the attribute is assigned to more than one folder then a list of folders where the Service attribute has been assigned is displayed. ( The UI is redirect after the user clicks on one of the folders listed in that table. ) 2) if the attribute is assigned to only one folder then the UI is redirect the folder
I suggest that Condition 2, and when the user selects a folder from Condition 1, that the UI no longer be directly linked to those target folders. Instead, I think it would be much more helpful if the user ended up being given UI table from the "My groups" --> "Groups I Manage"(tab) with the 'Filter for:" value set to the path of the folder that the user would have been redirected too.
This way the user can start at a "service" and end at the groups they can manage for that service. (NOTE: the user may be able to see other groups in the service folder that they can not manage when they view the folder directly.) |
[GRP-2186] Inconsistent behavior re: Copying loader groups' metadata, attributes Created: 06/Jun/19 Updated: 07/Jun/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Shilen Patel (duke.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
tier/grouper:2.4.0-a47-u25-w5-p6-20190515-rc1 |
Description |
When copying a loader ldap group, it's metadata nor any other directly assigned attributes are not copied over when 'Copy attributes?' is selected. With legacyGroupType_grouperLoader, the metadata is preserved, but other directly assigned attributes are not.
|
Comments |
Comment by Chris Hyzer (upenn.edu) [ 07/Jun/19 ] |
Loader attributes should definitely be copied. Some attributes should not be copied (loader stats)... Maybe some others should (e.g. provisioning, attestation, deprovisioning, reports, workflow). Lets document in the Jira where that list is to copy or not so we can easily make changes afterwards. |
[GRP-2167] add value in attribute value needs to be more accurate Created: 29/May/19 Updated: 29/May/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
doesnt show the right attribute def name |
[GRP-2159] add "act as" in ui Created: 29/May/19 Updated: 29/May/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-2158] decide which gdg types should inherit and how far Created: 29/May/19 Updated: 29/May/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-2148] Group Trace Membership should show what it can for non-admins Created: 23/May/19 Updated: 23/May/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Michael Gettes (ufl.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
TIER/ITAP container - latest |
Description |
a non-admin user when viewing trace membership should be able to see whatever is possible instead of getting "There are no indirect paths for this entity and group that you are allowed to read". Showed this to Chris Hyzer - this submission based on his recommendation. Side note: security.show.folders.where.user.can.see.subobjects might need to default to false instead of true. he's mulling this over. |
[GRP-2146] template issue when creating in folder Created: 17/May/19 Updated: 17/May/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2019-05-17-16-38-14-109.png |
Description |
note, this is not urgent, but keeping track. when creating in folder (not creating a subfolder), it should use the extension and display extension of the parent folder for the key and display key |
Comments |
Comment by Chris Hyzer (upenn.edu) [ 17/May/19 ] |
should say "directoryAdmins" |
[GRP-2145] UI user event integration point ("UI hooks") Created: 16/May/19 Updated: 16/May/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
It would be nice to be able to add logic to the functionality of the UI. ( above the Grouper API/DB layer. )
As a specific example ( but not limited to this single case ) it would be helpful to be able to "get control and do something else" when a user tries to add an existing member to a group. Examples of what "something else" might be: Give them a helpful message Add attributes to the indicated user's existing Membership Route the user to a different screen ( like attributes on the users existing Membership ) Prompt the user if they want to "remove the user" ( better than searching a large group of users to remove them. )
To be clear "Adding a member" is only one of the UI actions that I would like to be able to "intercept and extend". ( Basically any button/function in the UI would be useful. )
|
[GRP-2144] NPE in package edu.internet2.middleware.grouper.grouperUi.serviceLogic;.UiV2MembershipAttributeAssignment Created: 15/May/19 Updated: 15/May/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
2.3 patched |
Description |
As a member of wheel, attempting to delete an attribute assigned to an immediate membership produces java.lang.NullPointerException:
2019-05-15 18:06:10,560: [ajp-nio-8009-exec-9] ERROR GrouperUiRestServlet.doGet(352) - - Problem calling reflection from URL: edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2MembershipAttributeAssignment.assignDelete java.lang.NullPointerException: Problem calling method assignDelete on edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2MembershipAttributeAssignment
|
[GRP-2136] grouper types should show type next to extension on screen with tooltip Created: 11/May/19 Updated: 11/May/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2019-05-11-12-16-39-112.png |
Comments |
Comment by Chris Hyzer (upenn.edu) [ 11/May/19 ] |
|
Comment by Chris Hyzer (upenn.edu) [ 11/May/19 ] |
this is not going to be trivial. the group or stem html format is in the externalized text. so you should have a getter on group or stem that displays the type stuff, all the HTML with parens, optional commas, tooltip, etc. then just call that from the externalized text file. ok? the font should be dark gray, not black like above. should be slightly smaller than the link. and have a dark gray dotted line below that to show there is a tooltip. these things should be in css. this should show in search results, membership lists, etc. wonder if it is possible to show in left menu too
thanks! |
[GRP-2126] readonly admins should be able to read privs of objects Created: 08/May/19 Updated: 08/May/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-2105] In grouper web UI - opening a large group is very slow where large > 30K Created: 12/Apr/19 Updated: 12/Apr/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Major |
Reporter: | Michael Gettes | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Docker packaged |
Description |
Opening a large group, even with subject caching enabled, is slow. Seems like all members need to be loaded instead of the first page. It can take a few minutes to open a group 30-600K. Erik Coleman also sees this problem - noted in tier-grouper slack channel. |
[GRP-2100] effective privilege advance filter does not work Created: 04/Apr/19 Updated: 04/Apr/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2019-04-04-12-24-51-726.png image-2019-04-04-12-25-21-537.png |
Description |
if someone has an effective privileges due to an encapsulating privilege, it is not filterable on the priv screen (groups/folders/attributes) |
Comments |
Comment by mchyzer [ 04/Apr/19 ] |
original privs
|
Comment by mchyzer [ 04/Apr/19 ] |
filter by an effective priv, see no results
|
[GRP-2090] obliterate should have some checks and balances Created: 03/Apr/19 Updated: 03/Apr/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
|
[GRP-2089] deleting a group should delete attribute assignments involving group Created: 03/Apr/19 Updated: 03/Apr/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
e.g. if the group has inherited privs, or other things |
[GRP-2088] enter key on combobox should select the result if there is one (e.g. from search) Created: 03/Apr/19 Updated: 03/Apr/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-2087] Fix deprecated warnings in ant/maven builds Created: 03/Apr/19 Updated: 03/Apr/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, grouperClient, UI, WS |
Affects Version/s: | 2.4.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chad Redman (unc.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Numerous warnings come up when doing an ant build. Most of these are in the api and grouper client builds. Some are related to com.misc.unsafe classes, some are missing enums, etc. |
[GRP-2086] add include/exclude and require groups on new UI Created: 03/Apr/19 Updated: 03/Apr/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
CC: |
eisbruchs
|
[GRP-2084] long names on objects should not wrap in ui Created: 02/Apr/19 Updated: 02/Apr/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2019-04-02-09-00-06-386.png |
Description |
|
[GRP-2081] upgrade font awesome and change local entity icon to user cog Created: 27/Mar/19 Updated: 27/Mar/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-2077] friendly error for circular membership Created: 26/Mar/19 Updated: 26/Mar/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Also, dont show current group in drop down to add to self... shouldnt be able to pick it
Error: edu.internet2.middleware.grouper.exception.MemberAddException: membership cannot be circular, Exception in save: edu.internet2.middleware.grouper.Membership, edu.internet2.middleware.grouper.hibernate.ByObject@ce49a9, Problem in HibernateSession: HibernateSession (1c444ab): notNew, notReadonly, READ_WRITE_NEW, activeTransaction, session (c3a47a), Exception in save: edu.internet2.middleware.grouper.Membership, ByObjectStatic, query: ', cacheable: null, cacheRegion: null, entityName: ImmediateMembershipEntry, tx type: null, membership: group: penn:community:employeeOrContractorOrAffiliate, subject: 8f17313daa304da790847c558c322b02, field: members, uuid: null, startDate: null, endDate: null, , group name: penn:community:employeeOrContractorOrAffiliate, subject: Subject groupName: penn:community:employeeOrContractorOrAffiliate, sourceId: g:gsa, field: members, Problem in HibernateSession: HibernateSession (16f29f): notNew, notReadonly, READ_WRITE_NEW, activeTransaction, session (c3a47a), Problem in HibernateSession: HibernateSession (1c1b463): notNew, notReadonly, READ_WRITE_NEW, activeTransaction, session (c3a47a), Problem in HibernateSession: HibernateSession (121205f): new, notReadonly, READ_WRITE_NEW, notActiveTransaction, session (c3a47a), Problem calling method addMemberSubmit on edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Group |
[GRP-2076] paging with 0 results shows wrong answer Created: 26/Mar/19 Updated: 26/Mar/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Showing 1-0 of 0 · First | Prev | Next | Last
Should be
Showing 0-0 of 0 · First | Prev | Next | Las |
[GRP-2074] UI search feature in top right corner does not handle % values correctly Created: 20/Mar/19 Updated: 20/Mar/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
using the Grouperdemo 2.4 server. Search for the string "Dep" in the upper right hand corner and you will get results. Search for the string "Dep%:apps" in the "Search Results" form and you will get a more focused result set.
If you search on "Dep%:apps" in the upper right hand corner and you will get a broken UI where the "main part of the app" is "missing". The best way to get it back is to either manually edit the URL by removing the "searchQuery=" parameter and do a browser level refresh.
So one string "breaks" the UI. ( I have also reproduced this in the 2.3 UI as well. So patching that would be welcome. )
|
Comments |
Comment by mchyzer [ 20/Mar/19 ] |
what do you think the behavior should be for % ? |
Comment by black.123 [ 20/Mar/19 ] |
It appears to be a wildcard ( any [one or more] characters ) in the "Search Results" form. Which seems reasonable and expected to me. Though I have not considered how a literal % should be expressed. ( Maybe %% to get it "escaped" in the search? But defaulting to whatever hibernate would expect makes sense too. )
The primary reason to report the bug was to get the UI to not break. But if the results can also be consistent then that would be great too. |
[GRP-2039] graphing is not showing do_not_provision_to attributes on groups/folders Created: 17/Feb/19 Updated: 20/Mar/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Michael Gettes | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
latest TIER container |
Description |
do_not_provision_to attributes need to be displayed for folder/group objects. I also notice the wrong group name is displayed on child objects when hovering. Also, the tree (back-track) needs to be done for child objects so folder structure and attributes (provisioning) can be displayed. |
Comments |
Comment by mchyzer [ 18/Feb/19 ] |
Lets be sure to use the new provisioning attributes and not provision_to do_not_provision... this might take a little time to release those attributes (though the code is committed), and get PSPNG to use those attributes. thanks! |
Comment by mchyzer [ 18/Feb/19 ] |
Note: there is also a tooltip issue on the "UI Visualization" wiki which might be related... |
Comment by Michael Gettes [ 22/Feb/19 ] |
Seems like we could fix this code at any appropriate time - use the current attributes or the new ones. But also keep in mind this issue is about backtracking from every node on the graph including the children nodes. I think the fix for the backtracking should go in as soon as possible/appropriate with the adjustments of what attribute to reference as a separately timed fix. Thanks. /mrg |
Comment by cer28 [ 20/Mar/19 ] |
Split the 2nd and 3rd issues into two different ones: |
[GRP-2073] Visualization back track needs to be done for child objects Created: 20/Mar/19 Updated: 20/Mar/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0.patch |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Michael Gettes | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Split off from GRP-2039.
|
[GRP-2072] Visualization wrong group name is displayed on child objects when hovering Created: 20/Mar/19 Updated: 20/Mar/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0.patch |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Michael Gettes | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Split off from GRP-2039 |
[GRP-2054] composite screen should also say 'minus' and 'in both' or something Created: 08/Mar/19 Updated: 08/Mar/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-2029] delete all members from group should make one audit record Created: 15/Feb/19 Updated: 15/Feb/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Comments |
Comment by black.123 [ 15/Feb/19 ] |
If the current behavior is to list all users who are removed, then will that be optionally available after this change? Or is this to add an additional audit record to say that a "all Members" removal was done? |
Comment by mchyzer [ 15/Feb/19 ] |
there should generally be one audit record per user event. so it would be "all members" removal was done. point in time still have the exact history... |
[GRP-2028] grouper could redirect to logged out page after X minutes... Created: 15/Feb/19 Updated: 15/Feb/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-2008] Slow query on audit log in the UI Created: 31/Jan/19 Updated: 11/Feb/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Major |
Reporter: | Michael Gettes | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 2 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
TIER docker package tier/grouper:2.4.0-a19-u9-w1-p2-20190129-canary |
Description |
The following was sent to the grouper-core list on Jan 13, 2019 - per Mr. Hyzer creating ticket as well. Hi all, Something that has been bugging me is the slowness of the view audit on a group in the UI. I grabbed the SQL (first select below) and this was regularly taking 40 seconds on my laptop. I re-wrote it and this is the second query and it takes 6 seconds. I am going against MariaDB v10 latest but this may be a more general issue. Of course, repeated executions of each take a few ms due to the DB memory caching. When the cache is not used, these timings are consistent for the query executed in my environment. Clearly, the logic of anding/oring impacts the performance of the query. I recall experiencing slow audit logs when I ran grouper at Penn State against an Oracle DB. I hope this helps. I am using tier/grouper:2.4.0-a14-u8-w1-p0-20190101-canary package. /mrg — the following was grabbed from the running SQL on the DB side when choosing “view audit log” in the UI for a group. This takes >40 seconds. — this altered version takes 6 seconds. |
Comments |
Comment by mchyzer [ 11/Feb/19 ] | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
In oracle the query is: Cost: 231,365 Bytes: 1,911,000 Cardinality: 100
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Comment by mchyzer [ 11/Feb/19 ] | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Here is the proposed query: Cost: 231,239 Bytes: 1,624,350 Cardinality: 85
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Comment by mchyzer [ 11/Feb/19 ] | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
This is the implementation of the proposed changes to the query which did not produce substantial improvements in oracle...
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Comment by mchyzer [ 11/Feb/19 ] | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Another option is seeing if tuple indexes on auditTypeId and each value col would help | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Comment by mchyzer [ 11/Feb/19 ] | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
I would like to discuss with Shilen and see if we can convert the Audit Query implementation to SQL and use UNION. Since it is currently HQL and HQL does not support UNION, this is a substantial effort... This is a union query which has cost 18
This has cost 118k
|
[GRP-2004] Provide a way for a user to "name" a Favorite. ( A specific "description" on the user's favorite.) Created: 29/Jan/19 Updated: 29/Jan/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Currently Favorites are only a pointer to the existing "path" and "Favorite name". It would be a valuable if the user could augment those strings with a personally meaningful string that they manage. |
[GRP-2001] UI Attribute Assignments screen should be able to display attributes from objects "above" the current object as well. Created: 29/Jan/19 Updated: 29/Jan/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Since attributes can be used from objects ( stems ) above a currently displayed object ( stem, group, Attribute Def ) it would be helpful to be able to see additional attributes and values from "ancestor" objects.
( Still subject to current user access restrictions. )
Maybe there could be a button add to that screen to "show inherited attributes". That would add a second table to the tab/UI ( under the current table) that would list the same columns in the existing table and add one more ( leading ) column that identifies the object that has the attribute for that row.
Sort order in "ascending order" (closest to the current object at the top of the table and farthers from the object at the bottom of the table) from the current object would be very helpful too. ( So the user can see how the values might be "masked' relative to the selected object. |
[GRP-1985] role inheritance should use group short link (clickable and tooltip) Created: 07/Jan/19 Updated: 07/Jan/19 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1958] UI / WS features to see change log consumers state/processing info Created: 05/Dec/18 Updated: 07/Dec/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI, WS |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
It would be helpful to be able to monitor and review the change log consumer queues.
Admins could have a UI "Miscellaneous" page, and monitors could use a WebService interface. ( The data exposed should be read only. )
Examples of data that would be useful to surface would be things like: ] select name,last_sequence_processed,last_updated,created_on from grouper_change_log_consumer
] select created_on,sequence_number from grouper_change_log_entry where sequence_number=(select max(sequence_number) from grouper_change_log_entry)
I would suggest that the Miscellaneous page and the WS should be guarded by a configurable group. (similar to the: groups.wheel.group, require.group.for.logins access controls) maybe called something like groups.changeLogConsumer.monitor. |
Comments |
Comment by black.123 [ 07/Dec/18 ] |
Mostly resolved by https://bugs.internet2.edu/jira/browse/GRP-1950 (AKA: grouper_v2_4_0_api_patch_11 and grouper_v2_4_0_ui_patch_5 ) Still would like WS interface to the data for programmatic monitoring capabilities. It would be ideal if thsee parts of this enhancement request coudl still be implemented: And since the UI allows the admin to enble/disable the jobs, that might be great in the WS too. |
[GRP-1960] copy a folder and rename it to the same parent folder, get error Created: 06/Dec/18 Updated: 06/Dec/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
2018-12-06 08:44:15,072: [TP-Processor11] ERROR GrouperUiRestServlet.doGet(330) - Problem calling reflection from URL: edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Stem.stemCopySubmit
edu.internet2.middleware.grouper.exception.StemAddAlreadyExistsException: Stem exists: penn:provost:admissions:apps:slate:slateProd, Problem in HibernateSession: HibernateSession (7d787d73): new, notReadonly, READ_WRITE_NEW, notActiveTransaction, session (f54775), Problem calling method stemCopySubmit on edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Stem at edu.internet2.middleware.grouper.Stem.internal_addChildStem(Stem.java:2709) at edu.internet2.middleware.grouper.Stem$14.callback(Stem.java:4108) at edu.internet2.middleware.grouper.hibernate.HibernateSession.callbackHibernateSession(HibernateSession.java:700) at edu.internet2.middleware.grouper.Stem.internal_copy(Stem.java:4072) at edu.internet2.middleware.grouper.StemCopy.save(StemCopy.java:131) at edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Stem.stemCopySubmit(UiV2Stem.java:553) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at edu.internet2.middleware.grouper.util.GrouperUtil.invokeMethod(GrouperUtil.java:4163) at edu.internet2.middleware.grouper.util.GrouperUtil.callMethod(GrouperUtil.java:4114) at edu.internet2.middleware.grouper.j2ee.GrouperUiRestServlet.doGet(GrouperUiRestServlet.java:297) at edu.internet2.middleware.grouper.j2ee.GrouperUiRestServlet.doPost(GrouperUiRestServlet.java:168) at javax.servlet.http.HttpServlet.service(HttpServlet.java:637) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:110) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at edu.internet2.middleware.grouper.ui.GrouperUiFilter.doFilter(GrouperUiFilter.java:1049) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at edu.upenn.isc.proxyWrapper.ProxyWrapperFilter.doFilter(ProxyWrapperFilter.java:50) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286) at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190) at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283) at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:767) at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:697) at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:889) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690) at java.lang.Thread.run(Thread.java:745)
|
[GRP-1956] template hierarchical privileges are not taking effect Created: 03/Dec/18 Updated: 03/Dec/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
add a template, add someone to admin, they dont have privs |
[GRP-1954] add option to export only direct members or maybe certain sources or add column Created: 30/Nov/18 Updated: 30/Nov/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Comments |
Comment by mchyzer [ 30/Nov/18 ] |
or maybe filter by sources, and export the filter that is shown? |
[GRP-1946] Attestation on a folder requires READ/UPDATE on attestationDef and attestationValueDef Created: 07/Nov/18 Updated: 07/Nov/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | 2.4.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
If I grant create to a folder, a user can create a group and set up attestation with no issues. The user has all the write privileges it needs. If there is attestation on the folder, a non-root user creating a group needs:
Sample errors:
Granting global read/update on the attribute definitions seems excessive. Plus it requires extra permission setup that isn't documented. |
[GRP-1943] add debugging information in UI search Created: 02/Nov/18 Updated: 02/Nov/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | 2.4.0.patch, 2.5.0 |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Erik Coleman [3:19 PM] Chris Hyzer [4:57 PM] Chad Redman [10:27 PM] |
Comments |
Comment by mchyzer [ 02/Nov/18 ] | ||
configure:
| ||
Comment by mchyzer [ 02/Nov/18 ] | ||
sample output:
| ||
Comment by mchyzer [ 02/Nov/18 ] | ||
fixed in grouper_v2_4_0_api_patch_5, grouper_v2_4_0_ui_patch_2 |
[GRP-1940] display create date/created by info on membership details UI Created: 26/Oct/18 Updated: 26/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
When you use the "Edit membership and privileges" (action menu item on a Membership ) the details that are displayed do not include the "create time" nor the user that created the membership.
URL is something like: UiV2Main.index?operation=UiV2Membership.editMembership
Even when there is not a "Start date" the date when the membership was created is really the "Start Date". And it can be helpful to know if a person (or the loader) created the membership too.
Please include those (and if there are other details about the membership that are available) on the editMembership UI. |
[GRP-1937] people with READ should be able to attest since might be managed elsewhere Created: 22/Oct/18 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Comments |
Comment by cer28 [ 22/Oct/18 ] |
Cf GRP-1640 Attestation mailer sending to group readers. This is what it was originally. My rationale was that it would send annoying attestation emails to people who couldn't attest. Maybe this can be a property whether to turn this on? |
Comment by mchyzer [ 22/Oct/18 ] |
yes a property sounds good. should be possible and not the default behavior. thanks! |
[GRP-1938] "Email addresses (comma separated)" should be bold like other attestation headers Created: 22/Oct/18 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2018-10-22-14-01-33-532.png |
Comments |
Comment by mchyzer [ 22/Oct/18 ] |
|
Comment by mchyzer [ 22/Oct/18 ] |
edit form should also be bold |
[GRP-1313] potential ws/ui memory leaks with threadlocals Created: 27/May/16 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI, WS |
Affects Version/s: | None |
Fix Version/s: | 2.4.0, 2.3.0.patch |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
tomcat 6.0.26 |
Description |
Note, I believe these are only if you reload the application in tomcat which is not recommended. If you shut down the application these should not be a problem. Not sure though. 1. SEVERE: A web application created a ThreadLocal with key of type [java.lang.InheritableThreadLocal] (value [java.lang.InheritableThreadLocal@49f5a659]) and a value of type [edu.internet2.middleware.grouper.j2ee.GrouperRequestWrapper] (value [edu.internet2.middleware.grouper.j2ee.GrouperRequestWrapper@70124154]) but failed to remove it when the web application was stopped. To prevent a memory leak, the ThreadLocal has been forcibly removed. 2. May 27, 2016 5:01:13 PM org.apache.catalina.loader.WebappClassLoader clearThreadLocalMap 3. May 27, 2016 5:01:13 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads 4. May 27, 2016 5:01:13 PM org.apache.catalina.loader.WebappClassLoader clearReferencesThreads 5. May 27, 2016 5:01:13 PM org.apache.catalina.loader.WebappClassLoader clearReferencesStopTimerThread 6. May 27, 2016 5:01:13 PM org.apache.catalina.loader.WebappClassLoader clearReferencesJdbc 7. May 27, 2016 5:01:13 PM org.apache.catalina.loader.WebappClassLoader clearReferencesStopTimerThread ComboPooledDataSource.reset() ? |
Comments |
Comment by mchyzer [ 27/May/16 ] |
> 1. This one could not be found > 2. This should be fixed > 3. I have no idea what this is > 4. Hopefully closing hibernate fixes this > 5. Hopefully closing hibernate and stopping ehcache controller fixes this > 6. this is fixed > 7. Hopefully closing hibernate fixes this |
Comment by mchyzer [ 22/Jun/16 ] |
note, if you are applying this patch to the WS (not the UI), you need to add this below the filter mapping and above the servlet: <listener> https://github.com/Internet2/grouper/commit/9ddff7d047b5e4955bffbeba27e0e397e41062fe |
Comment by mchyzer [ 22/Jun/16 ] |
note, this one is not a problem: https://issues.apache.org/jira/browse/AXIS2-5310 created a ThreadLocal with key of type [org.apache.axiom.util.UIDGenerator$1] (value |
Comment by cer28 [ 22/Oct/18 ] |
[GRP-1380] "Add members” displays new content not apparent to a screenreader Created: 04/Oct/16 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | 2.4.0, 2.3.0.patch |
Type: | Improvement | Priority: | Major |
Reporter: | Pregash Devasagayam (Inactive) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Technology Used: NVDA (ver. 2016.1), Firefox (ver. 48.0.2) on Windows 10 PC |
Attachments: | Grouper - evaluation & remediation.pdf |
Description |
Problem: Solution: Adding the following jQuery (or equivalent JavaScript) should place the attribute role="alert" and change the attribute "aria-expanded” to “true" (from “false) in the "control-group" div statement once the link "show-add-block" is selected (this is the ID of the “Add members” link). This will alert the screenreader that new content has appeared. The last statement below will place focus in the “Member name or ID” field. (Note: the current coding for this input field is quite complex with a number of hidden fields located at the same location. As with the other suggestions in this report, these solution should be tested with a screenreader once these changes are implemented). ); You can read and see more examples on making collapsible and expandable content accessible at: https://www.w3.org/WAI/GL/wiki/Using_aria-expanded_to_indicate_the_state_of_a_collapsible_element |
Comments |
Comment by Pregash Devasagayam (Inactive) [ 04/Oct/16 ] | |||||||||||||||||||||
This is the second item in the document. Document has screenshots of the issue. | |||||||||||||||||||||
Comment by mchyzer [ 11/Nov/16 ] | |||||||||||||||||||||
Im looking at this commit: https://github.com/Internet2/grouper/commit/ff831df553c7735d467a004c4f3b537088b861ca Three comments: 1. This is a general problem, not specific to this one screen. We need to look for all instances of buttons like this and fix them. E.g. on folder privileges, etc. Maybe other hide/shows too? 2. Can you make the javascript generic so we can call it in other situations? e.g. something like (I didnt compile or test this):
3. Can you make sure your editors are set to use 2 spaces for indent and not tabs? I think the js file got some tabs from you... | |||||||||||||||||||||
Comment by cer28 [ 22/Oct/18 ] | |||||||||||||||||||||
[GRP-1394] Add "role=button" to Add Members link Created: 22/Oct/16 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | 2.4.0, 2.3.0.patch |
Type: | Improvement | Priority: | Major |
Reporter: | Vivek Sachdeva (google.com) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Technology Used: NVDA (ver. 2016.1), Firefox (ver. 48.0.2) on Windows 10 PC |
Description |
Problem: Solution: |
Comments |
Comment by vsachdeva [ 22/Oct/16 ] |
I cloned this Jira from another one and looks like I cannot edit the description. Chris, could you change the description to say: “Add member” appears visually as a button but is read as a link. Solution: |
Comment by mchyzer [ 11/Nov/16 ] |
Are there more buttons that we need this role? |
Comment by vsachdeva [ 14/Nov/16 ] |
There were a bunch of other places in the new UI where hyperlinks were acting as buttons. I have made the change to all of them. |
Comment by cer28 [ 22/Oct/18 ] |
[GRP-1397] UI Accessibility Improvements: “Member name or ID” field appears to be mislabeled and identified as a combo-box through use of ARIA role Created: 29/Oct/16 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | 2.4.0, 2.3.0.patch |
Type: | Improvement | Priority: | Major |
Reporter: | Vivek Sachdeva | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Technology Used: NVDA (ver. 2016.1), Firefox (ver. 48.0.2) on Windows 10 PC |
Description |
Problem: |
Comments |
Comment by cer28 [ 22/Oct/18 ] |
[GRP-1398] UI Accessibility Improvements: Pull down menus throughout site do not indicate their function as a pull down menu or announce changed state once selected Created: 29/Oct/16 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | 2.4.0, 2.3.0.patch |
Type: | Improvement | Priority: | Major |
Reporter: | Vivek Sachdeva | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Technology Used: NVDA (ver. 2016.1), Firefox (ver. 48.0.2) on Windows 10 PC |
Description |
Problem: For example, in the "More Actions" pull-down menu (shown above), there is no cue that this is a pull-down menu or an announcement that the menu has been opened. Solutions: For example, in the “more actions” pull down menu, we would start by adding aria- haspopup="true" and aria-expanded=”false” and role = “menu” to the anchor object for the “More actions” link. |
Comments |
Comment by mchyzer [ 11/Nov/16 ] |
Please look for more instances of pull down menus, e.g. attribute def has one, not sure if others... |
Comment by vsachdeva [ 14/Nov/16 ] |
There were a bunch of others pull down menus I could find. I have made the changes for all of them. |
Comment by cer28 [ 22/Oct/18 ] |
[GRP-1399] UI Accessibility Improvements: Section tabs read as links Created: 29/Oct/16 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | 2.4.0, 2.3.0.patch |
Type: | Improvement | Priority: | Major |
Reporter: | Vivek Sachdeva | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Technology Used: NVDA (ver. 2016.1), Firefox (ver. 48.0.2) on Windows 10 PC |
Description |
Problem: |
Comments |
Comment by mchyzer [ 11/Nov/16 ] |
Please look for more instances of tabs, e.g. attrbuteDef has tabs |
Comment by cer28 [ 22/Oct/18 ] |
[GRP-1400] UI Accessibility Improvements: Group membership entity table lacks column header for fourth column Created: 29/Oct/16 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | 2.4.0, 2.3.0.patch |
Type: | Improvement | Priority: | Major |
Reporter: | Vivek Sachdeva | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Technology Used: NVDA (ver. 2016.1), Firefox (ver. 48.0.2) on Windows 10 PC |
Description |
Problem: Solution: |
Comments |
Comment by cer28 [ 22/Oct/18 ] |
[GRP-1407] UI Accessibility Improvements: Placeholder text is not “visible” to a screenreader Created: 06/Nov/16 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | 2.4.0, 2.3.0.patch |
Type: | Improvement | Priority: | Major |
Reporter: | Vivek Sachdeva (google.com) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Technology Used: NVDA (ver. 2016.1), Firefox (ver. 48.0.2) on Windows 10 PC |
Description |
Problem: |
Comments |
Comment by cer28 [ 22/Oct/18 ] |
[GRP-1408] UI Accessibility Improvements: On the Grouper home page, “Create new group” is not read by screen readers until after all of the main content is read Created: 06/Nov/16 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | 2.4.0, 2.3.0.patch |
Type: | Improvement | Priority: | Major |
Reporter: | Vivek Sachdeva (google.com) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Technology Used: NVDA (ver. 2016.1), Firefox (ver. 48.0.2) on Windows 10 PC |
Description |
On the Grouper home page, “Create new group” is not read by screen readers until after all of the main content is read, including everything within “My favorites”, “Groups I Manage”, and “My Services.” Given the importance of the function, it should perhaps come earlier in the flow. |
Comments |
Comment by cer28 [ 22/Oct/18 ] |
[GRP-1409] UI Accessibility Improvements: Error (and success) messages are displayed above the page heading and all content, unapparent to screenreaders Created: 06/Nov/16 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | 2.4.0, 2.3.0.patch |
Type: | Improvement | Priority: | Major |
Reporter: | Vivek Sachdeva (google.com) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Technology Used: NVDA (ver. 2016.1), Firefox (ver. 48.0.2) on Windows 10 PC |
Description |
Problem: |
Comments |
Comment by cer28 [ 22/Oct/18 ] |
[GRP-1410] UI Accessibility Improvements: The bread crumb above the main content is not identified as a bread crumb to the screen reader, losing its value as a navigation tool for the screen reader user. Created: 06/Nov/16 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | 2.4.0, 2.3.0.patch |
Type: | Improvement | Priority: | Major |
Reporter: | Vivek Sachdeva (google.com) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Technology Used: NVDA (ver. 2016.1), Firefox (ver. 48.0.2) on Windows 10 PC |
Description |
Solution: |
Comments |
Comment by mchyzer [ 05/Dec/16 ] | |||||
You should probably escape this...
| |||||
Comment by cer28 [ 22/Oct/18 ] | |||||
[GRP-1431] Two links with label "More" appears on the same page Created: 04/Dec/16 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Major |
Reporter: | Vivek Sachdeva (google.com) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Technology Used: NVDA (ver. 2016.1), Firefox (ver. 48.0.2) on Windows 10 PC |
Description |
Problem: Solution: |
Comments |
Comment by mchyzer [ 05/Dec/16 ] | |||||
You should probably escape these...
| |||||
Comment by cer28 [ 22/Oct/18 ] | |||||
Commit is on 04/Dec which precedes the above comment. Though UI patch is from May which is later. Still an open issue? |
[GRP-1432] Display of custom privilege choices are not announced Created: 04/Dec/16 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | 2.4.0, 2.3.0.patch |
Type: | Improvement | Priority: | Major |
Reporter: | Vivek Sachdeva (google.com) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Technology Used: NVDA (ver. 2016.1), Firefox (ver. 48.0.2) on Windows 10 PC |
Description |
Problem: Solution: |
Comments |
Comment by cer28 [ 22/Oct/18 ] |
[GRP-1437] UI Accessibility Improvements: The graphic after “Browse Folders” is not labeled and is read only as “clickable.” Created: 07/Dec/16 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | 2.4.0, 2.3.0.patch |
Type: | Improvement | Priority: | Major |
Reporter: | Vivek Sachdeva (google.com) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Technology Used: NVDA (ver. 2016.1), Firefox (ver. 48.0.2) on Windows 10 PC |
Description |
Problem: Solution: |
Comments |
Comment by cer28 [ 22/Oct/18 ] |
[GRP-1442] UI Accessibility Improvements: The Recent Activity listing (defined as a table to the screen readers) on the Grouper home page has no meaningful labels Created: 12/Dec/16 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | 2.4.0, 2.3.0.patch |
Type: | Improvement | Priority: | Major |
Reporter: | Vivek Sachdeva (google.com) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Technology Used: NVDA (ver. 2016.1), Firefox (ver. 48.0.2) on Windows 10 PC |
Description |
Problem: Solutions: |
Comments |
Comment by cer28 [ 22/Oct/18 ] |
[GRP-1478] UI Accessibility Improvements: Privileges interface not accessible to keyboard-only or screenreader users Created: 29/Jan/17 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Major |
Reporter: | Vivek Sachdeva (google.com) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Technology Used: NVDA (ver. 2016.1), Firefox (ver. 48.0.2) on Windows 10 PC |
Attachments: | chrome Version 62.0.3202.75 (Official Build) (64-bit).png |
Description |
Problem: As mentioned in the AUL report, the privileges table interface is not accessible to keyboard-only or screenreader users. Specifically, none of the faux checkboxes for setting user privileges is accessible by the keyboard. |
Comments |
Comment by mchyzer [ 08/Feb/17 ] |
what if the checkboxes were wrapped in an "a" tag? What if spaces where there is no checkbox had an "a" tag around whitespace? would that make it work? |
Comment by cer28 [ 22/Oct/18 ] |
Relevant commits dated before the Feb 8 comment, although grouper_v2_3_0_ui_patch_27 includes this ticket and was from 5/27/2017. Still an open issue? |
[GRP-1642] Error removing attestation from directly assigned group Created: 30/Nov/17 Updated: 22/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0.patch |
Fix Version/s: | 2.4.0, 2.3.0.patch |
Type: | Bug | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
When a group has directly assigned attestation, attempting to unset it by editing option to "No, does not have attestation directly assigned" returns an error on submission:
Stack trace attached. In my case, the stem didn't have any attestation, so I was expecting the change to just delete the attestation attribute, or blank out the fields or something. |
Comments |
Comment by cer28 [ 30/Nov/17 ] |
original ticket was marked duplicate instead. |
Comment by cer28 [ 22/Oct/18 ] |
[GRP-1933] fix rule EL Created: 17/Oct/18 Updated: 17/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
if a rule if condition has a trailing space, trim it if a rule then condition has a semicolon, change ${} to $}} to run as statement... unless it already has ${{ |
[GRP-1932] edit attribute value doesnt show whole value in some cases Created: 16/Oct/18 Updated: 16/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2018-10-16-17-38-09-588.png image-2018-10-16-17-39-04-445.png |
Description |
the attribute value has a long string, and when editing, it truncates
|
Comments |
Comment by mchyzer [ 16/Oct/18 ] |
|
Comment by mchyzer [ 16/Oct/18 ] |
|
[GRP-1929] the attribute name drop down in attribute assignments should show display names Created: 14/Oct/18 Updated: 14/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Comments |
Comment by mchyzer [ 14/Oct/18 ] |
also on the confirm screen it should show the display name |
Comment by mchyzer [ 14/Oct/18 ] |
also on the attribute name screen |
Comment by mchyzer [ 14/Oct/18 ] |
attribute value assign screen needs a head that says "Attribute value assignment" or something |
[GRP-1926] status servlet should not show "excluded jobs" when a "&includeOnly" list of jobs is used Created: 12/Oct/18 Updated: 12/Oct/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
It would be nice to be able to "trim down the output when "&includeOnly=job1,job2,job3" is requested.
Getting back a lot of lines that say: " ignored in config since URL param contains includeOnly which doesn't have '<some_job_name>'" clutters the screen and makes it harder to parse the output visually.
Maybe this could be done with an additional parameter, "&showSkipped=false" to trim the existing output?
And ws.diagnostic.showSkipped could have a default value honored from the config files if one is not specified on the URL. That way the default can be set to "true" or "false" depending on the desires for the installation.) |
[GRP-1912] Miscellaneous >> Loader jobs include "other jobs" and "internal jobs" in list of logs. Created: 24/Sep/18 Updated: 24/Sep/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
v2.3 |
Description |
There are several "standard jobs" that are no displayed on the "Loader Jobs" page that would be helpful to be able to review/monitor.
It would be nice if, at least, all of the standard "built in" jobs could be see. It would be even better if any job could be seen. ( Including custom jobs local to each environment. like "OtherJobs" or local custom use of quarts too. ( Maybe by an extensible "drop down list" of report names? ) |
Comments |
Comment by black.123 [ 24/Sep/18 ] |
Example job_names: MAINTENANCE__builtinMessagingDaemon
OTHER_JOB_attestationDaemon CHANGE_LOG_changeLogTempToChangeLog
I did I miss any of the "internal jobs" in the above list? |
[GRP-1891] Cannot delete groups Created: 07/Sep/18 Updated: 07/Sep/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Major |
Reporter: | Stefano Angioni (Inactive) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Grouper v2.3.0 with all UI patches (up to #46) running on Linux Ubuntu 16.04.4 LTS xenial |
Description |
We get the following error trying to delete Grouper groups via the UI (Browse folders->More Actions->Delete Group): Error: Why cant deprovisioning def base def be found?, Exception in delete: edu.internet2.middleware.grouper.attr.value.AttributeAssignValue, edu.internet2.middleware.grouper.hibernate.ByObject@499761d0, Problem in HibernateSession: HibernateSession (6e385e5b): notNew, notReadonly, READ_WRITE_NEW, activeTransaction, session (14a0d929), Exception in delete: edu.internet2.middleware.grouper.attr.value.AttributeAssignValue, ByObjectStatic, query: ', cacheable: null, cacheRegion: null, entityName: null, tx type: null, Problem in HibernateSession: HibernateSession (3ca80dc4): notNew, notReadonly, READ_WRITE_NEW, activeTransaction, session (14a0d929), Problem deleting attribute assignValue: AttributeAssignValue.id#939399c455a94b9a9908beb2e54c2eea , Problem in HibernateSession: HibernateSession (2a781695): notNew, notReadonly, READ_WRITE_NEW, activeTransaction, session (14a0d929), Problem deleting attribute assign: AttributeAssign[id=dd73d24720b247de83c49444215c0668,action=assign,attributeDefName=bath:provisionClass, group=Group[name=XXXXXX,uuid=b8b67b15ce9d4de188d3adebaccbe68d]] , Problem in HibernateSession: HibernateSession (331489b8): new, notReadonly, READ_WRITE_NEW, notActiveTransaction, session (14a0d929), Problem calling method groupDeleteSubmit on edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Group
When we try to delete any attributes on that Group, we get the following error trying to delete the attribute value (Lite UI->Manage Attributes and permissions->View or assign attributes->Owner Type: Group and Owner Group: the group->Filter->then click cross on attribute value): Error: Why cant deprovisioning def base def be found?, Exception in delete: edu.internet2.middleware.grouper.attr.value.AttributeAssignValue, edu.internet2.middleware.grouper.hibernate.ByObject@2b81abd8, Problem in HibernateSession: HibernateSession (917b941): notNew, notReadonly, READ_WRITE_NEW, activeTransaction, session (7550df8a), Exception in delete: edu.internet2.middleware.grouper.attr.value.AttributeAssignValue, ByObjectStatic, query: ', cacheable: null, cacheRegion: null, entityName: null, tx type: null, Problem in HibernateSession: HibernateSession (2007b250): new, notReadonly, READ_WRITE_NEW, notActiveTransaction, session (7550df8a), Problem deleting attribute assignValue: AttributeAssignValue.id#939399c455a94b9a9908beb2e54c2eea , Problem calling method assignValueDelete on edu.internet2.middleware.grouper.grouperUi.serviceLogic.SimpleAttributeUpdate and the following error trying to delete the attribute itself (Lite UI->Manage Attributes and permissions->View or assign attributes->Owner Type: Group and Owner Group: the group->Filter->then click cross on attribute): Error: Why cant deprovisioning def base def be found?, Exception in delete: edu.internet2.middleware.grouper.attr.value.AttributeAssignValue, edu.internet2.middleware.grouper.hibernate.ByObject@54ace2fc, Problem in HibernateSession: HibernateSession (10215f08): notNew, notReadonly, READ_WRITE_NEW, activeTransaction, session (1529b3ce), Exception in delete: edu.internet2.middleware.grouper.attr.value.AttributeAssignValue, ByObjectStatic, query: ', cacheable: null, cacheRegion: null, entityName: null, tx type: null, Problem in HibernateSession: HibernateSession (64d018a4): notNew, notReadonly, READ_WRITE_NEW, activeTransaction, session (1529b3ce), Problem deleting attribute assignValue: AttributeAssignValue.id#939399c455a94b9a9908beb2e54c2eea , Problem in HibernateSession: HibernateSession (549302c4): new, notReadonly, READ_WRITE_NEW, notActiveTransaction, session (1529b3ce), Problem deleting attribute assign: AttributeAssign[id=dd73d24720b247de83c49444215c0668,action=assign,attributeDefName=YYYYY, group=Group[name=XXXXX,uuid=b8b67b15ce9d4de188d3adebaccbe68d]] , Problem calling method assignDelete on edu.internet2.middleware.grouper.grouperUi.serviceLogic.SimpleAttributeUpdate Please let us know if you need any more information. Thanks!
|
[GRP-1873] renaming attribute name does not change the display name (but does change display extension) Created: 17/Aug/18 Updated: 17/Aug/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1869] add attestation to a folder with 30 days and custom email address, attest now, that doesnt propagate Created: 16/Aug/18 Updated: 16/Aug/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1863] grouper installer should edit the basic auth in web.xml if user wants to (or if not there before?) Created: 08/Aug/18 Updated: 08/Aug/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1861] clicking on "Deprovisioning" on group gives error Created: 08/Aug/18 Updated: 08/Aug/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | 2.4.0 |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Error: Deprovisioning is disabled, Problem calling method deprovisioningOnGroupReport on edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Deprovisioning |
[GRP-1848] 2.3 patch 44 UI for does not include function to search/add permission(s) from the resource Created: 26/Jul/18 Updated: 26/Jul/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
2.3 UI patch 44+ |
Attachments: | 2018.07.26.UI-Permissions.png |
Description |
Both the "filter" and "New Assignment" functions are not yet available in the UI in the "New UI" but exist in the "Lite UI". |
[GRP-1844] Subjects should have an "audit" UI ( like groups do) Created: 25/Jul/18 Updated: 25/Jul/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
2.3 |
Description |
Groups offer a way to review "audit Log" data (Point in time data?) for the group to see when members were added/removed.
However, sometimes it is more about a Subject than a group.
I would like to have a "Functions --> View audit Log" features added to the UI. ( operation=UiV2Subject.thisSubjectsAttributeDefPrivileges&subjectId=SomeID&sourceId=SomeSource ) that would look for all membership changes for the displayed subject. |
[GRP-1840] service assign to displayed Created: 20/Jul/18 Updated: 20/Jul/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
----
Steps to reproduce: Create an Attribute Def of Type="Service". Save it. Navigate away from it. Go back and "Edit" it.
Problem: When editing a Type="Service" attribute definition all of the "Assign to" values are displayed. However, the rules for a Type="Service" attribute definition only allow "Folder" to be selected. ( Other values are hidden when the user toggles/changes the Type value. )
Please always hide/show the "Assign to" values on screen display to the correct state for the Type value.
NOTE: this may or may not apply to other Type values. ( I did not test other values.)
– Carey Matthew Black.123@osu.edu Office of the Chief Information Officer (OCIO) Identity and Access Management - Security Engineer-Lead 614-292-6079 Office
|
[GRP-1824] add daemon job logs to UI Created: 14/Jun/18 Updated: 06/Jul/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Michael Gettes | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | grouper consumers.sql grouper.sql |
Description |
It would also be good to be able to have an option to see ALL loader jobs - internal such as changelogtemp, reporting, maintenance and so on in this interface. Thank you! |
Comments |
Comment by Michael Gettes [ 06/Jul/18 ] |
I have attached some sql i use to monitor the loader log in mariadb. it's not just the loader log but also changelog entry counts and what's happening with the changelog consumers. Please consider these as you determine what you might want to do. When I run this SQL it is very useful to set a refresh time so I can see the data change. A web page with auto-refresh to see the data change or something ajax-y would be VERY helpful. Thank you for considering this. |
[GRP-1816] On the Grouper home page, “Create new group” ( drop down menu ) does not work for keyboard navigation Created: 30/May/18 Updated: 30/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
After loading the home page. ( don't use the mouse) Maybe you can add a href="#" to the That appears to make it keyboard accessible in chrome for me. |
[GRP-1790] If you save a permission assignment to a role, it should collapse the screen and show the permissions for the role Created: 07/May/18 Updated: 14/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2018-05-14-09-58-45-546.png |
Comments |
Comment by vsachdeva [ 13/May/18 ] |
@Chris I am not able to replicate this bug. When you get a chance, could you list the steps? For role and subject assignment, the assignment form is collapsed and the updated list of permissions is shown. |
Comment by vsachdeva [ 13/May/18 ] |
I think I fixed this issue under GRP-1793. |
Comment by mchyzer [ 14/May/18 ] |
ok, this is what I get on the demo server, but its not updated |
Comment by mchyzer [ 14/May/18 ] |
|
[GRP-1794] Permissions menu entry should change URL so it is bookmarkable Created: 07/May/18 Updated: 13/May/18 |
|
Status: | In Progress |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Comments |
Comment by vsachdeva [ 13/May/18 ] |
This issue has been fixed under GRP-1793 |
[GRP-1793] The members tab doesn’t work (click and nothing happens) when on the form to assign a new permission Created: 07/May/18 Updated: 13/May/18 |
|
Status: | In Progress |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1789] If there is no permissionDef in a permission assignment, then compute that from the permission name. Currently as error is thrown Created: 07/May/18 Updated: 13/May/18 |
|
Status: | In Progress |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Same for attributes |
[GRP-1780] when you select an attribute to assign it shows folder icons instead of gear icons Created: 05/May/18 Updated: 13/May/18 |
|
Status: | In Progress |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2018-05-05-12-33-51-183.png |
Comments |
Comment by mchyzer [ 05/May/18 ] |
|
[GRP-1776] you dont need an attribute def to assign an attribute to an object Created: 04/May/18 Updated: 13/May/18 |
|
Status: | In Progress |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2018-05-03-22-15-44-653.png |
Comments |
Comment by mchyzer [ 04/May/18 ] |
|
[GRP-1767] If I am viewing an attribute def or name, and create a new name, prepopulate the attribute definition Created: 03/May/18 Updated: 13/May/18 |
|
Status: | In Progress |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2018-05-03-11-14-44-521.png |
Comments |
Comment by mchyzer [ 03/May/18 ] |
|
[GRP-1764] Move create attribute def and attribute def name from left top menu to stem more actions dropdown Created: 03/May/18 Updated: 13/May/18 |
|
Status: | In Progress |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | screenshot-1.png screenshot-2.png |
Description |
Upper left menu should just have folders and groups for creating |
Comments |
Comment by mchyzer [ 03/May/18 ] |
Take create attribute out of this menu Add create attribute to this menu |
[GRP-1760] Invalid options when viewing actions for attribute assignments Created: 03/May/18 Updated: 13/May/18 |
|
Status: | In Progress |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Shilen Patel (duke.edu) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Go to the attribute assignments for a group.
|
[GRP-1759] When viewing an attributeDefName, the actions drop down has an unnecessary link to itself Created: 03/May/18 Updated: 13/May/18 |
|
Status: | In Progress |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Shilen Patel (duke.edu) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The drop down has an option for "View attribute name" which is where you currently are. |
[GRP-1751] auto navigate back to the "Attribute Assignments" sub panel after add assignment Created: 02/May/18 Updated: 13/May/18 |
|
Status: | In Progress |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
---- Testing attribute assignment via the UI. For an attribute Def: userFolders:black.123@osu.edu:test-attrs For an attribute Name: userFolders:black.123@osu.edu:ANamedValueList BUG: After Assigning an AttrName to an object (Save button on the "Attribute Assignments" sub panel) the panel should be "auto navigated back to the "Attribute Assignments" sub panel, and/or the table on the sub panel should be refreshed to show the new assignment. I added the Def and the AttrName to a folder. (userFolders:black.123@osu.edu:mine) If I navigate way from the "Attribute Assignments" sub panel, then I can add one more value, but it again blocks creating an additional value again. Let me know If you can not reproduce the issues above. I will keep poking around too. – |
[GRP-1785] Permission def creation should not prompt the user for value type, should be “no value”. Created: 07/May/18 Updated: 13/May/18 |
|
Status: | In Progress |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Can permissions by multi-assign? I think so. Try to make sure |
[GRP-1804] show query on subject diagnostics Created: 10/May/18 Updated: 10/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1784] When you assign a value, the attribute name is wrong (its the base name) Created: 07/May/18 Updated: 07/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | errorWrongAttributeName.png |
[GRP-1798] Roles need inheritance screens just like actions Created: 07/May/18 Updated: 07/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1796] Add a screen on a permission resource to see who has access Created: 07/May/18 Updated: 07/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1792] You should be able to view user permissions from a role as well? Created: 07/May/18 Updated: 07/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
discuss this |
[GRP-1791] You should be able to assign a permission to a user in a role from the role permissions screen (maybe ask for type, then have them fill out the form) Created: 07/May/18 Updated: 07/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1788] If a group is a role or local entity, then menu and create/editScreen should say “role” or “local entity” instead of group Created: 07/May/18 Updated: 07/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1787] If the attribute is a permission, then menu and create/editScreen should say “permission name” instead of “attribute name” Created: 07/May/18 Updated: 07/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1786] There should be a “create new action” in submenu for actions tab Created: 07/May/18 Updated: 07/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1783] Trace memberships: composite factor minus unknown. Why unknown if grouperSystem Created: 07/May/18 Updated: 07/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1775] imm membership attribute should show in audits Created: 03/May/18 Updated: 03/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Task | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | image-2018-05-03-15-37-47-732.png |
Comments |
Comment by mchyzer [ 03/May/18 ] |
|
[GRP-1774] make sure the new ui external subject ui can be called from another authn method like 2.3 Created: 03/May/18 Updated: 03/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Task | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1773] Add requireGroups to new UI Created: 03/May/18 Updated: 03/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Task | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
This should be able to use composites or rules |
[GRP-1772] Add include/exclude identification to new UI Created: 03/May/18 Updated: 03/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Task | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
This is not designed yet. Maybe a screen associated with a menu item. Should give information about which include/exclude group it is. |
[GRP-1769] remove text in translated text file from admin UI (add to admin UI bolt on?) Created: 03/May/18 Updated: 03/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Task | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
This could be difficult but we could give it a shot... or maybe we shouldnt risk it... |
[GRP-1768] Attestation log privileging Created: 03/May/18 Updated: 03/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Shilen Patel (duke.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
It was intended that if you had READ you could see attestation. Maybe the names of who did it should be redacted if you don’t have ADMIN, or we should look at it more carefully? Can you please open a jira and we can fix it later?
Thanks Chris
From: grouper-core-request@internet2.edu [grouper-core-request@internet2.edu] On Behalf Of Shilen Patel
If you only have READ access to a group, is it expected that you should be able to see the attestation audit log? If you only have READ access, then you can’t see the privileges for the group. But if you can look at the attestation log, you can figure out at least some of the privileges. The same question applies to the user audit (GRP-1756). This is really a question – I don’t know if the current behavior is correct or not. Thoughts?
Thanks!
|
[GRP-1766] Add tooltips on privilege Created: 03/May/18 Updated: 03/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Yoann Delattre (Inactive) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | tooltip.jpg |
Description |
Hi, for helping my users, i added tooltips on privileges with some explanation (like in the Admin UI). I will make a PR, if you want to integrate it Thanks, Yoann. |
Comments |
Comment by Yoann Delattre (Inactive) [ 03/May/18 ] |
I just did the PR : https://github.com/Internet2/grouper/pull/85 Thanks, Yoann |
[GRP-1763] picking an attribute or metadata attribute should limit the choices available Created: 03/May/18 Updated: 03/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | screenshot-1.png |
Description |
Error: Cant find a scope definition that fits this assignment: AttributeDef[name=etc:attribute:rules:rulesAttrDef,uuid=190a67eeed1847f789d2053962efe686], AttributeAssign[id=4e619ed2c0674b9db2ff599a5e729772,action=assign,attributeDefName=test:testAttributes:attr1, stem=Stem[displayName=test,name=test,uuid=4a8ada61a55f4c96987344693dd86502,creator=2f338cf8e7724e5bb3770dc66b9cd65e]], Problem calling method assignMetadataAddSubmit on edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2StemAttributeAssignment |
Comments |
Comment by mchyzer [ 03/May/18 ] |
[GRP-1756] check user audit security Created: 02/May/18 Updated: 02/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Task | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Make sure user can only see logs on objects they are allowed to. For membership logs, should be on groups they can READ/ADMIN. For priv logs, they can ADMIN, for attribute logs, needs ATTR_READ and READ on the ATTR. |
Comments |
Comment by mchyzer [ 02/May/18 ] |
Note, if this is too complicated, we could expose this only to grouper admins for now... |
[GRP-1755] adjust text on user audit screens Created: 02/May/18 Updated: 02/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
All three screens "membership", "privs", "actions", say this: "The audit log displays all recent activity related to this subject." Each of the three should say something different |
[GRP-1754] group menu has audit, membership, action, audit, needs to adjust Created: 02/May/18 Updated: 02/May/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Is the action audit and same as the audit? If so, remove the "action audit"? I added a priv and then I didnt see the group priv audits. Either remove the button until its fixed or fix it. |
[GRP-1748] Text in tooltips goes outside the popup Created: 30/Apr/18 Updated: 30/Apr/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Trivial |
Reporter: | Yoann Delattre (Inactive) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Hi, as describe in the title, text in tooltips goes outside the popup :
Thanks, Yoann. |
Comments |
Comment by Yoann Delattre (Inactive) [ 30/Apr/18 ] |
I did a PR (83) with a proposition for fixing this Thanks, Yoann. |
[GRP-1746] Some tooltips still have a display problem Created: 26/Apr/18 Updated: 26/Apr/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Trivial |
Reporter: | Yoann Delattre (Inactive) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Hello,
But, there are still some tags who have the "white-space: nowrap" in french AND english translation file : guiAttributeDefShortLink Thanks, Yoann.
|
[GRP-1733] Add Audit view for user Created: 18/Apr/18 Updated: 18/Apr/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.4.0 |
Fix Version/s: | 2.4.0 |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The group view in the UI has an audit query view, to see when users get added and removed in the group. But if you are troubleshooting a specific user in multiple groups, it gets to be more work flipping through pages and jumping to multiple groups. With an audit view on the user page, one can see a summary of all the changes for the user much quicker.
Note sure if this is the same as GRP-365 which is still open.
|
[GRP-1691] add a way to export only direct members of a group Created: 14/Feb/18 Updated: 14/Feb/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1690] add a bulk remove feature in grouper similar to bulk add Created: 14/Feb/18 Updated: 14/Feb/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1657] Ability to have predecessor successor order for Loader Jobs Created: 05/Jan/18 Updated: 05/Jan/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
It would be useful to be able to run a loader job to completion and then start/call the next loader job to be done.
This would allow a chain of Loader jobs to do things like: LDAP load basis group. ( could add new groups/structures) SQL loader job to use the data that was just loaded and do the next step. (Example: auto creating Access Policy Groups for any new basis groups that were created)
If the second job starts to soon, it may not do all of what it should do in that cycle. That condition would produce an unnecessary or incomplete results for that cycle. |
Comments |
Comment by mchyzer [ 05/Jan/18 ] |
I think we would need to code this, but I think it wouldnt be too bad.. https://stackoverflow.com/questions/13486607/how-to-do-sequential-job-scheduling-quartz Maybe a schedule type that is "DependencySchedule" which would not schedule the job with quartz, but when jobs run, see if any are dependent on it, and run that before the job is done... |
[GRP-1656] if you unconfigure a loader job in ui, it should not tell you to schedule, and should remove the other fields when not configured (with ajax) Created: 05/Jan/18 Updated: 05/Jan/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1655] ATTRIBUTE READ is repeated in folder inherited privileges Created: 05/Jan/18 Updated: 05/Jan/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Attribute privileges: |
[GRP-1654] ui shows create implies attribute read Created: 05/Jan/18 Updated: 05/Jan/18 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
FOLDER: I just tested it and having only folder Create indeed did not let me see/edit attribute assignments on the folder even though I had Admin on the AttributeDef. If I have direct Attribute read on the folder (with or without Create) I can see assignments. If I have Attribute update and Attribute read on the folder, I can see/edit assignments. Since folder Create implies Attribute read/write (at least in the UI), I had expected to be able to see/edit attribute assignments of the folder. Bug? |
[GRP-1622] "My activity" page that would support admins reviewing a named user's activities/changes Created: 24/Oct/17 Updated: 24/Oct/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
It would be helpful to have a UI to review activities of/regarding a selected user(s). If a subject(s) could be selected and that user's activities could be reviewed would be a helpful feature for troubleshooting user driven changes that might have affected a group or another subject. Also, if the named subject could be used to find "activities that affected that user" that would be helpful too. |
[GRP-1620] Composite group problems Created: 23/Oct/17 Updated: 23/Oct/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | grouperLoader, UI, WS |
Affects Version/s: | 2.3.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
REF Email: Quick summary: I suspect that this condition is barely understood about the inner workings of the system by most deployers and/or users. In the current non-blocking model, with an attempt to not “thrash the system” and make every save take minutes, I could see the idea of stacking up a queue (change log consumer?) to process these checks/corrections in a timely ( a few minutes, < 2 ? , < 5 ? ) manor. I could imagine some cases were you always want: ) change in “this special group” to be 100% completed “NOW”. ( Global Exclude groups, or just “important” Exclude groups, etc… And maybe even in some “include groups” too.) ) While other groups may be ok to be “loosely consistent”. ( “Provision that group in the next hour and no harm done. “ ) Especially when in the context of Access Control Policies and/or Provisioning/DE provisioning. So maybe membership changes also needs to force (queue/call) Prov/DeProv processes too? |
[GRP-1608] Browsing folders and groups is extremely slow Created: 27/Sep/17 Updated: 27/Sep/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Dusty (Inactive) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
RHEL 7, Dockerized Grouper |
Description |
With this setting in groper.base.properties set to true, we have users that experience minutes long load times for the tree under 'Browse Folders'. When set to false, the problem goes away and the tree loads quickly. I would expect longer load times with the increased security for viewing the tree, but minutes seemed like too long.
|
[GRP-1594] Setting date format Created: 24/Aug/17 Updated: 24/Aug/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Trivial |
Reporter: | Yoann Delattre (Inactive) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | audit.jpg description.jpg my_activity_1.jpg my_activity_2.jpg |
Description |
Hi, For setting all the dates in french format (mostly in audit pages), i put this in grouper-ui.properties :
It seems to me that these parameters have no effect. there is, also, the calendar in My activity page who use MM/JJ/AAAA format. It would be great if the format could be set. Apparently, it's possible to set the date format (see http://api.jqueryui.com/datepicker/#option-dateFormat). Thanks, |
[GRP-1559] improve log messages to identify configurations that are in valid Created: 07/Jun/17 Updated: 09/Aug/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
REF: https://bugs.internet2.edu/jira/browse/GRP-1558 Maybe the configuration checking process should flag settings that "don't make sense" so that the implementer could be told "x does not exist in source 'a', Please correct setting 'foo' with a valid value" message in the logs? ( Maybe a special "check config" function should do it instead of at "start up"?) Not limited to "email", Think more generally. Validate any "hard coded config strings" that are subject to the possibility of not being valid for use. |
[GRP-1580] Differencing tool with healing capabilities (UI) Created: 10/Jul/17 Updated: 10/Jul/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Michael Gettes | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
As posted to the grouper-users list: If there was a grouper tool to show the differences of group memberships between 2 users and then 2 magic options (make user1 like user2, or make user2 like user1) - this would be a nice way of healing users who should have all the abilities of another. Also, with the above UI tool, give me the option of selecting which groups to “heal” for the 2 users involved with checkboxes on each group. I hope this makes sense and would be useful to others. Maybe this has already been thunk up and in the hopper for some future development? |
[GRP-1579] attestation icon on groups is a folder and not a group Created: 10/Jul/17 Updated: 10/Jul/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | 2.3.1, 2.4.0, 2.3.0.patch |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | attestationIconWrongForGroups.jpg |
[GRP-1578] make the last breadcrumb clickable in attestations so the group/stem can be navigated to Created: 10/Jul/17 Updated: 10/Jul/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | 2.3.1, 2.4.0, 2.3.0.patch |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1576] by default attestion gives non a number error on rectify field Created: 10/Jul/17 Updated: 10/Jul/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | 2.3.1, 2.4.0, 2.3.0.patch |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Error: Days until rectify field can only be a number Note, the form does not re-appear for "add attestation" errors, and the fields or error indicators do not show |
[GRP-1572] Misc:Loader Jobs, Please display cron schedule for the jobs Created: 23/Jun/17 Updated: 23/Jun/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
all |
Description |
I think it would be helpful to see the cron schedule in the Loader jobs. I know the horizontal space is tight. Maybe |
[GRP-1545] subject api diagnostics on ui does not show for admins Created: 21/May/17 Updated: 21/May/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | 2.3.1, 2.4.0, 2.3.0.patch |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Comments |
Comment by mchyzer [ 21/May/17 ] |
note: I think it might show for non admins |
[GRP-1546] can be looping in csrf protection if old session Created: 21/May/17 Updated: 21/May/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | 2.3.1, 2.4.0, 2.3.0.patch |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1542] same subject id or identifier in multiple sources will cause error in ui Created: 12/May/17 Updated: 12/May/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | 2.3.1, 2.4.0, 2.3.0.patch |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
From: Akki Kumar amazingquestions007@gmail.com Hi Chris, The Sources.xml file has two different source ids (ldap & ad). When I search for the user (Screenshot - a.jpg) in the Member Name or ID field, it spins and errors out (do not show the drop down). However, when I search for the user in the Search for an entity window (Screenshot - c.jpg), and it works. I am little baffled as to why the userid search work in the Search for an entity window and not for the Member Name or ID. Is screenshot will fine? I have attached screenshots to below link: Screenshots: Both source ids, ldap & ad, points to a different directory access protocol. Thanks, On Thu, May 11, 2017 at 1:10 PM, Hyzer, Chris <mchyzer@isc.upenn.edu> wrote: As you know, its best not to have overlaps in subject sources… any chance you can get a normalized view of users in a database or something? However, this should work. If you type in the userid and click add, that wont work, but if you type in a userid, and select the user from the combobox, and click add, that should work. That associates it with a source id (or at least it should ) Any chance you can make a quick video (e.g. on your phone) of the screen where you get the error and send it to me so I can see how this happens? Thanks From: Akki Kumar amazingquestions007@gmail.com Hi Chris, I installed Grouper 2.3.0 and created two source adapters, LDAP & AD, in sources.xml. Grouper threw below error when I search for a user (after clicking on the "Add members" button). I believe, it's trying to search for a user in both, LDAP & AD, and that is one of the reason it found multiple subjects. Question: Note: Error: Thank you, |
[GRP-1535] add a notes field for memberships (and other objects)? Created: 19/Apr/17 Updated: 19/Apr/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
so the intent of the assignment or creation can be tracked. i.e. why did this exception to the policy get created? |
[GRP-1504] API method hasPrivilege (e.g. hasRead) is confusing, and needs to be refactored and fixed Created: 23/Mar/17 Updated: 23/Mar/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI, WS |
Affects Version/s: | None |
Fix Version/s: | 2.4.0 |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
[AI] (Chris) Regarding GRP 1480, do we need to go through the code and look for hasPrivilege() and change to canHavePrivilege()? In 2.4 we can rename hasPrivilege to hasImmediatePrivilege, add the old back and deprecate |
Comments |
Comment by mchyzer [ 23/Mar/17 ] |
Note, this should be done in mast right before 2.4.0 release |
[GRP-1491] csrfguard does not close all inputstreams in ConfigPropertiesCascadeBase Created: 28/Feb/17 Updated: 28/Feb/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1485] rename "admin ui" "old admin ui" Created: 08/Feb/17 Updated: 08/Feb/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1402] IE11 partially renders the UI Created: 02/Nov/16 Updated: 08/Feb/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Misagh Moayyed | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | IE11.png ieUi.jpg |
Description |
IE11 seems to partially render the UI. Tried IE10 and IE9. With or without compatibility mode. Note that FF and Chrome seemed to do fine. This 2.3 on the latest patch. |
Comments |
Comment by mchyzer [ 02/Nov/16 ] |
note this works for some people and not others in IE... |
Comment by cer28 [ 01/Feb/17 ] |
I don't know if this is related, but the FontAwesome icons don't show up for us in IE. The reason for us is a combination of our load balancer putting a "Cache-Control: no-cache" on every page, a https URL, and the IE bug: @font-face not working with Internet Explorer and HTTP-Header Pragma=no-cache. It has existed since 2014, and they have no plans to fix it. |
Comment by mchyzer [ 08/Feb/17 ] |
thats ridiculous... |
[GRP-1467] allow UI "Left column" to resize(manually or automatic) so that longer paths can be displayed in the UI Created: 20/Jan/17 Updated: 20/Jan/17 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Carey Black (osu.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
GrouperUI |
Description |
The left column that has the "+Create new group" button, "Quick links", and "Browse folder" areas should be able to "drag to resize" ( at least from right to left) to allow the "Browse folder" function to display longer paths/names. The current Max characters displayed is (about) 30. Most group structures will likely need a wider display to see the structure. An easy example to see the problem is: Yes there is a horizontal scroll bar, but that is not as nice as an expandable UI frame. As another possible alternative: Make the "Browse Folders" span both columns in the UI at the very top. Leave it collapsed by default. (Just another thought.) |
[GRP-1436] UI Accessibility Improvements:“Quick Links” is read as a button whereas it is actually an expandable list. Created: 07/Dec/16 Updated: 07/Dec/16 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Major |
Reporter: | Vivek Sachdeva (google.com) | Assignee: | Vivek Sachdeva (google.com) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Technology Used: NVDA (ver. 2016.1), Firefox (ver. 48.0.2) on Windows 10 PC |
Description |
Problem: Solution: |
[GRP-1419] Add note to property uiV2.group.allowGroupAdminsToRefreshLoaderJobs Created: 16/Nov/16 Updated: 16/Nov/16 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.1.patch, 2.2.2, 2.3.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chad Redman (unc.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
|
[GRP-1416] add grouper provisioning to UI Created: 13/Nov/16 Updated: 13/Nov/16 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | 2.3.1, 2.3.0.patch |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1379] UI Accessibility Improvements - Search Icon Not Labelled Created: 04/Oct/16 Updated: 11/Nov/16 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Major |
Reporter: | Pregash Devasagayam (Inactive) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | accessibility, ui | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | Grouper - evaluation & remediation.pdf |
Description |
Search Icon Not Labelled Problem: );" href="#" > Solution: );" href="#" aria-label="search"> |
Comments |
Comment by mchyzer [ 19/Oct/16 ] |
Note, please find all search icons and fix them |
Comment by mchyzer [ 11/Nov/16 ] |
Two comments: 1. All text in the UI needs to be from the grouper.text.en.us.base.properties file. I think you have "search" hardcoded in the JSP... can you add to the externalized file and reference it from there? 2. Did you search for other instances like this where a link around a font awesome character has no label? Thanks! |
[GRP-1386] add content security policy to only allow scripts from self (prevent XSS) Created: 16/Oct/16 Updated: 16/Oct/16 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
HTTP header: Content-Security-Policy: script-src 'self' Param to disable this or add more sites |
[GRP-1377] Inherited priv normalization unexpected behavior Created: 26/Sep/16 Updated: 26/Sep/16 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Carl Waldbieser | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
RHEL6 Linux, Grouperv2.2 |
Description |
My goal is to have a folder, "app", that contains a subfolder, "etc" with 2 groups "admins" and "viewers". Members of "admins should be able to create groups and folders under "app", add/remove members, etc. Members of "viewers" should only be able to view memberships and privs on groups under "app". I am using the `inheritGroupPrivileges` rules for both of the groups on the "app" stem, as well as the "normalizeInheritedPermissions" rule on the "app" stem. It seems to work like expect in simple scenarios. Instead of adding members directly to the "admins" and "viewers" groups, I added groups to them. For example, my account is in group "foo" and I add "foo" to "admins". I'm not sure why it appears, but I suspect it has something to do with how the "normalizeInheritedPermissions" rule works. |
[GRP-1370] Error when searching for an entity Created: 23/Sep/16 Updated: 23/Sep/16 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Shilen Patel (duke.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Reproducible on the demo server. Drop down next to "Create new group" -> "Add members to group" -> "search for an entity" -> type in something and hit search. Error: cannot find attributeDefId, nameOfAttributeDef, or attributeDefIndex in url |
[GRP-1349] stem copy in ui should give friendly error if stem already exists Created: 21/Jul/16 Updated: 21/Jul/16 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
2016-07-21 14:23:01,271: [TP-Processor2] ERROR GrouperUiRestServlet.doGet(324) - Problem calling reflection from URL: edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Stem.stemCopySubmit edu.internet2.middleware.grouper.exception.StemAddAlreadyExistsException: Stem exists: penn:sas:template:mailing_list, |
[GRP-1347] add deleted items names in recently used list Created: 20/Jul/16 Updated: 20/Jul/16 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
---- In the Recent Activity display I see items like Added group test. 2016/07/20 13:07 PM Can we put the name of the item into the Deleted messages of the Recent Activity display? this is the latest version. Thanks /mrg |
[GRP-1335] Create an audit entry when members are imported into a group using text area Created: 30/Jun/16 Updated: 30/Jun/16 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Vivek Sachdeva | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1300] error creating service definition in lite ui Created: 12/May/16 Updated: 12/May/16 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1292] assigning an inherited privilege to a folder should also assign privileges to that folder Created: 24/Apr/16 Updated: 24/Apr/16 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | 2.3.1, 2.3.0.patch |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1265] Flag a group as "no changes dispersed" Created: 05/Apr/16 Updated: 06/Apr/16 |
|
Status: | Open |
Project: | Grouper |
Component/s: | provisioning, UI |
Affects Version/s: | 2.2.2 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Michael Gettes | Assignee: | David Langenberg |
Resolution: | Unresolved | Votes: | 1 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
As part of running Grouper, Groups get constructed and distributed to LDAP and other applications. The names of groups and their content becomes critical to the proper operation of applications. Sometimes, as experience grows, the way groups are formed change and need to be re-implemented. Most notably, a composite group wasn't constructed to be sufficiently flexible (or wasn't initially a composite) and the group needs to be re-constructed. During this time of reconstructing the group, no changes should be dispersed via any changelogs so the applications depending on the groups operate un-injured by changes. I'd like to flag a group as "no changes to be dispersed" and then I can fix the group without penalty. When I remove the flag, operation returns to normal. Any mechanisms for resyncing the group may be needed to make sure changes weren't lost, depending on how the consuming application uses the group in question. The sync'ing of a group is outside the scope of this enhancement request. |
Comments |
Comment by bert [ 06/Apr/16 ] |
It looks like the request is for a Changelog-level knob to turn off all downstream changes, but I thought I would document how PSP-NG (2.3) handles this situation. First, each provisioner has a group-selection JEXL expression that defines whether the a group is sync'ed by the provisioner. The group in question can be removed from these expressions by manipulating the stem/group attributes upon which the expression relies. For example, set a do_not_provision_to=<provisioner name> attribute on the group. With the group removed from the selection, the changelog entries removing all the members will be ignored. Second, a provisioner's full-sync behavior may include removing extra groups (which the group in question would be since it doesn't match the selection criteria). This can be handled by setting the provisioner's grouperIsAuthoritative flag to false (disabling the extra-group-deletion behavior) or by turning off full syncs during the transition. Finally, once the changes have occurred, a full-sync will be important to catch up the destination system. |
Comment by Michael Gettes [ 06/Apr/16 ] |
Hi Bert, just to be clear, you said "the request is for a Changelog-level knob to turn off all downstream changes" and I want to add it is in a per group basis. Your description made me realize I needed to add a couple of thoughts. The ability to manage this group-level flag should be controlled as a priv in the UI in some fashion. This is not something just for GrouperSuperAdmins. Users managing applications and other stuff should be able to perform this function if they have access to it. If it is determined controlling access to the function is annoying to develop, you can skip it. The status information (there's a grouper job/function giving all sorts of good status about grouper) and noting the count and even group names of those not being dispersed should be listed. The dispersal list in the status should be specified by an include and an exclude pattern for reporting. For example, a site may wish to never disperse *:include$ and *:exclude$ so having them reported on may be annoying. Of course, a grouper rule to flag these groups for non-dispersal will be a handy thing to document. |
[GRP-1249] change composite type, get error on ui Created: 11/Feb/16 Updated: 11/Feb/16 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Error: Expected a ':' after a key at character 7 of {"list":[ {"timestamp":1455216205366,"uuid":"c83ddd154675459bbd95ed1bf084ee4f"}, {"timestamp":1455216205195,"uuid":"55b7f1fa2e4b4681bec6672a27f8f6f6"}, {"timestamp":1455216205026,"uuid":"902f390b8bb140dcb457d73e93629bd8"}]}, Problem calling method groupEditCompositeSubmit on edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Group 2016-02-11 17:18:35,355: [http-8089-4] ERROR GrouperUiRestServlet.doGet(321) - - Problem calling reflection from URL: edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Group.groupEditCompositeSubmit net.sf.json.JSONException: Expected a ':' after a key at character 7 of {"list":[ {"timestamp":1455216205366,"uuid":"c83ddd154675459bbd95ed1bf084ee4f"}, {"timestamp":1455216205195,"uuid":"55b7f1fa2e4b4681bec6672a27f8f6f6"}, {"timestamp":1455216205026,"uuid":"902f390b8bb140dcb457d73e93629bd8"}]}, |
[GRP-1245] add the ability to edit alternate names of objects in the new ui Created: 31/Jan/16 Updated: 31/Jan/16 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1224] shouldnt be able to change paging size from ui Created: 18/Nov/15 Updated: 18/Nov/15 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
From: Josh Kwan berkeley Hi Chris, I forgot to also include this other issue. I won't produce an advisory for it as it is pretty minor. Here are the details: By default, Grouper's UI allows you to view 10, 25, 50, or 100 results per page for a given search query. By modifying the pagingTagPageSize parameter, it is possible to increase the results per page. POST /gms/grouperUi/app/UiV2Main.searchFormSubmit HTTP/1.1 Example: A search query for "smith" yielded 340 results. Changing pagingTagPageSize parameter to 400 allows viewing of all results on a single page. As I noted in our internal report: "This could have potential performance and/or DoS impacts, or more easily allow full enumeration of the LDAP or other Grouper connected directory." I did not test for DoS or performance impacts and I'm not sure if Grouper really cares about a hard restraint of 100 results per page, but wanted to bring this to your attention. Thanks, Josh |
[GRP-1222] xss vulnerability in tooltips in new UI Created: 18/Nov/15 Updated: 18/Nov/15 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.0, 2.2.1, 2.2.2 |
Fix Version/s: | 2.2.2.patch, 2.2.3, 2.3.0 |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Data in tooltips in the new UI are escaped for HTML, but they need to be escaped twice. You need to change the templates that display grouper objects to escape twice like the commit in thie jira. You can either edit the grouper.text.en.us.base.properties file directly (per the commit), or install the patch (if you are in 2.2.2). If you are in 2.2.1, you can upgrade to 2.2.2 to get the patch. |
Comments |
Comment by mchyzer [ 18/Nov/15 ] |
thanks to Josh Kwan at Berkeley for sending in a detailed report about this vulnerability |
Comment by mchyzer [ 18/Nov/15 ] |
https://github.com/Internet2/grouper/commit/8b14c0a6e8ceb9e138f3b9ae2d7f865375daca47 |
Comment by mchyzer [ 18/Nov/15 ] |
grouper_v2_2_2_ui_patch_4 |
Comment by mchyzer [ 18/Nov/15 ] |
note, it is possible to query the database to see if someone is currently exploiting this vulnerability, look for HTML chars in names or descriptions of objects... |
Comment by mchyzer [ 18/Nov/15 ] |
note, if you are using the text overlay to customize any of the edited elements in the commit, you need to edit your overlay accordingly |
[GRP-1215] unfriendly error when assigning privs and not have admin Created: 18/Oct/15 Updated: 18/Oct/15 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.2 |
Fix Version/s: | 2.2.2.patch, 2.2.3, 2.3.0 |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
From: Jeff McCullough We still on 2.2.1. I get upgrade it very soon. Following your example, being logged in as that user... Correct, there is no priv tab but when the add member part of the screen is active, it would appear that the user can assign priv to someone they are adding. That is what I was trying to show in the second screen. Jeff Sent from my iPhone On Oct 16, 2015, at 9:35 PM, Chris Hyzer wrote: I created a group, and allowed a user to READ/UPDATE (screenshot 1), then I logged in as that user, and I don’t see a privileges tab (screenshot 2). Where exactly do you see the privilege page if you are not an admin? <image002.png> From: grouper-users-request@internet2.edu On Behalf Of Jeff McCullough When a user has update privs in a group and tries to add other members with privs (say update). The following error is displayed. Error: null, group name: edu:berkeley:org:isp-folder:isp-admin, subject: Subject id: 322584, sourceId: ldap, privilege: update, Problem in HibernateSession: HibernateSession (12d94368): notNew, notReadonly, READ_WRITE_NEW, activeTransaction, session (130af474), Problem in HibernateSession: HibernateSession (54757c6): new, notReadonly, READ_WRITE_NEW, notActiveTransaction, session (130af474), Problem calling method addMemberSubmit on edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Group Here is the group showing the privs: <image003.png> Here is the attempted addition (The acting user is Test, Emp-Faculty): <image004.png> While I realize that “update” priv really only allows membership updates, shouldn’t it be able to extend update privs to other members? If not, then maybe a more appropriate message is in order. Something like, “You need to have admin privs to extend privs to others.” Thoughts? Jeff |
Comments |
Comment by mchyzer [ 18/Oct/15 ] |
this is a problem for adding a user to a group or for adding a group to a user. Basically the add member screen allows "uncustom" privileges, and privs can be chosen. For the add a member to a group it should not show the option to add privs if not admin, and for adding groups to a user, just show a friendly error. |
Comment by mchyzer [ 18/Oct/15 ] |
This is the stack for adding a group to a user: 2015-10-18 17:19:45,128: [http-8090-4] ERROR GrouperUiRestServlet.doGet(321) - - Problem calling reflection from URL: edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Subject.addGroupSubmit edu.internet2.middleware.grouper.exception.GrantPrivilegeException: null, group name: aStem:someGroup, subject: Subject id: test.subject.1, sourceId: jdbc, privilege: admin, |
Comment by mchyzer [ 18/Oct/15 ] |
fixed in patch grouper_v2_2_2_ui_patch_1 |
[GRP-1115] show direct membership paths in trace memberships Created: 23/Feb/15 Updated: 13/Oct/15 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.1 |
Fix Version/s: | 2.2.2, 2.2.2.patch, 2.3.0 |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
only shows indirect membership paths... sometimes they show (if there is direct and indirect?) also, dont show group names in trace membership that cant be VIEWed. See the test case from |
[GRP-1152] my group memberships hitting enter doesnt work Created: 15/Jul/15 Updated: 13/Oct/15 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.1 |
Fix Version/s: | 2.2.2, 2.2.2.patch, 2.3.0 |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
---- Hi, all. It appears that there may be a typo on line 22 of onsubmit="ajax('../app/UiV2MyGroups.myGroupsMemberhipsSubmit', {formIds: 'myGroupsForm, myGroupsPagingFormId'}); return false;"> The following is the corresponding error that a user reported seeing in Problem calling method myGroupsMemberhipsSubmit on java.lang.Object, Thanks! -Dave dave.goldhammer | OIT Identity & Access Management | University of Colorado Boulder |
[GRP-1210] review auditing and privileges Created: 06/Oct/15 Updated: 06/Oct/15 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Who should be able to see audits? People who can READ? Who should be able to see point in time? People who can READ? Does that work in the UI? Is there a wiki that explains this? |
[GRP-1189] show disabled members in group if enabled in future Created: 01/Sep/15 Updated: 01/Sep/15 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.1 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
From: Yoann Delattre Hey, if this enhancement could be included in the 2.2.2 release, it would be great Hi, is it possible to show the disabled date for a member directly in the group's member list ? Another thing. When i set an enabled date for a member, he disappears from the group. It's a little disturbing. Is there a way to show a member, in the group's member list, even if there is an enabled date ? Thanks, |
[GRP-1182] Delete multiple groups through UI Created: 19/Aug/15 Updated: 19/Aug/15 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.1 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Pregash Devasagayam (Inactive) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | UCB | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
We would like the ability to select/check multiple groups and delete them all at once, instead of having to select each group one at a time and then deleting the group through the UI. -Pregash Devasagayam |
[GRP-1181] multiple group add to single user through ui Created: 19/Aug/15 Updated: 19/Aug/15 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.1 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Pregash Devasagayam (Inactive) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | UCB | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
There has been a lot of feedback from our campus to allow a person to select multiple groups at once, and add a single user to them through the UI. It looks like this is possible through the import page to select multiple groups, but it is a bit tedious it would be nice if a user can select multiple groups from the search results page and then have the option to add members to them. Pregash Devasagayam |
[GRP-1180] Full user activity log Created: 19/Aug/15 Updated: 19/Aug/15 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.1 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Rahul Doshi (Inactive) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Grouper currently allows a user to see his recent activity on the main page. It would be nice to allow logged in user to see all his activity and search on dates? |
[GRP-1178] if you can view a group but not read attributes, can have issues Created: 16/Aug/15 Updated: 16/Aug/15 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.1 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
2015-08-16 22:47:43,007: [TP-Processor7] ERROR GrouperUiRestServlet.doGet(321) - - Problem calling reflection from URL: edu.internet2.middleware.grouper.grouperUi.serviceLogic.UiV2Group.viewGroup java.lang.RuntimeException: Problem converting JSP to string: /WEB-INF/grouperUi2/group/viewGroup.jsp, |
Comments |
Comment by mchyzer [ 16/Aug/15 ] |
this happened with etc:sysadminSubgroup on demo server as mchyzer AT upenn.edu when not a sysadmin, but was an admin of the group... hmmm. Probably since cant read the attribute |
[GRP-1136] membership description (and privilege?) Created: 11/May/15 Updated: 11/May/15 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | 2.2.1 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
From: David Langenberg davel Pretty much. Also it would be good to have that description show up next to the user in the membership list on the UI just like the membership start/end dates. Dave On Mon, May 11, 2015 at 8:30 AM, Chris Hyzer wrote: ---- As we move forward with grouper at Lafayette we’ve stumbled upon a use case, and it got me wondering what others are doing to keep track of the “why’s”. And if it would make sense to have some kind of capability directly in grouper for this. From our grouper admin: "I would also recommend that some kind of shared document be created to capture "why" certain edge cases are included in particular groups, as there is no annotation feature in Grouper that could be used to explain the reasoning to our future selves.” Best, |
[GRP-681] subject search for "findAll" or "search" throw an error if you have a maxResults in the sources.xml and there are too many results Created: 27/Oct/11 Updated: 25/Apr/15 |
|
Status: | In Progress |
Project: | Grouper |
Component/s: | API, UI, WS |
Affects Version/s: | 2.0.1 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Misagh Moayyed |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Comments |
Comment by mmoayyed [ 24/Apr/15 ] |
Comment by mchyzer [ 25/Apr/15 ] |
this is an old jira... i assume people shouldnt have maxresults anymore right? |
[GRP-666] mavenize the UI with contribution from UCLA Created: 11/Oct/11 Updated: 24/Apr/15 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Trivial |
Reporter: | Tom Zeller | Assignee: | Tom Zeller |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
https://lists.internet2.edu/sympa/arc/grouper-dev/2011-09/msg00031.html |
Comments |
Comment by mmoayyed [ 24/Apr/15 ] |
I believe this is already done and can be closed. UI is mavenized and so is pretty much everything else! |
[GRP-939] export audits for a group Created: 20/Sep/13 Updated: 23/Apr/15 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Penn State is somewhat interested exporting audits for a group into a CSV... instead of a webpage |
Comments |
Comment by mchyzer [ 23/Apr/15 ] |
this would need to be serverside, with a limit I think of a max number of results.... |
[GRP-1105] Long folder descriptions do not wrap Created: 22/Jan/15 Updated: 23/Jan/15 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.1, 2.3.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Misagh Moayyed | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | Capture.PNG |
Description |
See attached. Also not sure what all that JS code is. |
Comments |
Comment by mchyzer [ 23/Jan/15 ] |
can you reproduce this on the demo server? Im not as concerned with long names not wrapping, but I am concerned about the JS issue. Thanks, Chris |
Comment by mmoayyed [ 23/Jan/15 ] |
I cannot, but I can easily reproduce this on master. Not sure what the difference yet is. |
Comment by mmoayyed [ 23/Jan/15 ] |
Conjecture is, perhaps the long description has something to do with the JS error because I cannot produce this for shorter descriptions. |
[GRP-1085] grouper membership edit screen shows a big H next to the title Created: 17/Nov/14 Updated: 17/Nov/14 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.1 |
Fix Version/s: | 2.2.2, 2.3.0 |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-1057] add grouper client call to the status web service Created: 08/Oct/14 Updated: 08/Oct/14 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI, WS |
Affects Version/s: | 2.2.1 |
Fix Version/s: | 2.2.2 |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Comments |
Comment by mchyzer [ 08/Oct/14 ] |
We have had the situation at Penn where we think the WS is up, but users cannot authenticate to it, this would check full cycle that the WS is up and can service clients |
[GRP-1036] error handling for external person invite Created: 10/Sep/14 Updated: 30/Sep/14 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.0 |
Fix Version/s: | 2.2.2 |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
1. Invite clicked on but already used |
[GRP-1035] add simple workflow approval to grouper Created: 10/Sep/14 Updated: 10/Sep/14 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, grouperLoader, UI |
Affects Version/s: | 2.2.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Based on Vivek Sachdeva's work at UCLA, there could be some attributes on groups (or stems?) to setup workflow. These attributes identify the groups as workflow groups, and identify a group who has to approve the memberships. When a member is added (another API method?) then an attribute is added storing who added them and who was requested to be added. The group who approves get an email about it. They can login to the UI and approve the memberships or disapprove. That will remove the request. They could also view their pending requests. Would having a simple workflow be useful or would people need a more complex solution? |
[GRP-1028] new ui create attribute definition screen Created: 27/Aug/14 Updated: 27/Aug/14 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | 2.3.0 |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | attrDef1.jpg attrDef2.jpg attrDef3.jpg |
Description |
Make a screen in the new UI that is like the lite UI screen, but with the new UI look and feel and logic etc. Also make the screen easier to use:
https://github.com/Internet2/grouper/commit/3edf049cdc87dec84214c59e6e046f376744963c |
Comments |
Comment by mchyzer [ 27/Aug/14 ] |
The third pic shows a "type" which cannot be assigned to other attribute assignments, so it only shows the available choices |
[GRP-1011] add admin vs. user into new UI and APIs Created: 22/Jul/14 Updated: 22/Jul/14 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Michael Gettes (ufl.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
whatever |
Description |
Chris Hyzer's response to my asking about admin vs. user on the list. We don't have the distinction of admin vs user in the new UI... I don't think that exists in the API, it was just built in the Admin UI code which is going away. The new UI uses the API as much as possible, so if we want this functionality back we need to add this to the API... if you need this please add a jira. |
[GRP-982] make csrfguard error page not require csrfguard Created: 17/May/14 Updated: 17/May/14 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-981] fix recently used in ui panel, add screen to show all recently used Created: 17/May/14 Updated: 17/May/14 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.2.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-969] improve auditing on v2.2 ui, user based, and overall Created: 23/Apr/14 Updated: 23/Apr/14 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.3.0 |
Fix Version/s: | 2.3.0 |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-948] Rules UI Created: 30/Dec/13 Updated: 30/Dec/13 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Michael Gettes | Assignee: | Tom Barton (internet2.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
all environments |
Description |
per discussion on the grouper-users list and after inspecting the use cases at https://spaces.internet2.edu/display/Grouper/Grouper+rules+use+cases, I'd suggest a rules UI be implemented in the following order of precedence: 1) inheritance: all use cases mentioned |
[GRP-943] Feature Request: Contact Group-or-Folder Admin(s) Created: 25/Oct/13 Updated: 25/Oct/13 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Blair Christensen | Assignee: | Tom Barton (internet2.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
While we try to delegate out groups administration as much as possible at uchicago, we still run into problems where a) someone needs a membership or some other change made on a group but b) they have no idea who to contact to have that change made. This leads to support requests where we often end up trying to route them to the right delegated admin/admins. What would be useful is if there was either a "Contact Admins" button and/or attribute displayed in the UI that contained contact information for the group/folder. If there was a way for us to make this mandatory for at least certain folder structures, even better. |
Comments |
Comment by mchyzer [ 25/Oct/13 ] |
There could a contact admins form where you put in a subject and email body into the Grouper UI, and it emails the subjects who are updaters or admins who have a subject email attribute... And maybe a way to customize that if needed for the group... |
[GRP-937] request membership to be approved for group Created: 20/Sep/13 Updated: 20/Sep/13 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Tom Barton (internet2.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Penn State would like a screen where users could request membership into a group, and someone would approve that. |
[GRP-936] UI screen for vacation days Created: 20/Sep/13 Updated: 20/Sep/13 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Penn State suggested a vacation day screen one-pager where someone can go in and select a person who is going on vacation, and a person who is taking their place, and two dates for the start and end date, and a list of groups that person manages with checkboxes where they can select which groups and give the new person temporary access to the other person's groups (maybe for permissions too?) |
[GRP-872] lite permissions ui filter stops working when unassigning permissions by clicking on green checkbox Created: 10/Dec/12 Updated: 23/Aug/13 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.1.3 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-861] after filtering permissions by role, assigning a permission by using the individual allow button (not checkbox) causes filter to not filter by anything Created: 28/Oct/12 Updated: 23/Aug/13 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.1.2 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Comments |
Comment by mchyzer [ 28/Oct/12 ] |
try selecting the role again from the filter... something still isnt right... |
[GRP-853] ui member list filtered by source still filters when filter is not on screen Created: 09/Oct/12 Updated: 09/Oct/12 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.1.2 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
1. Main group has members from only one source (gsa) I believe that the previously selected source still applies, but the option isn’t there since all direct members are only from a single source. If I go back to INDIRECT, select all source (or GSA) and go back to DIRECT, the group is back. Thanks Screenshot of above steps. |
[GRP-852] null pointer when subject null on lite ui Created: 09/Oct/12 Updated: 09/Oct/12 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.1.1 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Not sure how to reproduce, saw this in the logs: 2012-10-09 12:11:36,073: [TP-Processor7] ERROR GrouperUiFilter.doFilter(829) - UI error |
[GRP-841] multivalued subject attributes do not display correctly in UI Created: 03/Sep/12 Updated: 03/Sep/12 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.1.1 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Hello, in order to help group updaters to distinguish between homonyms, employeeType studentstaff and in the Lite UI, only one value is displayed: employeeType student This happens both with Grouper 1.6.1 and 2.1.1 (using LdapSourceAdapter).
employeeType student Thanks in advance for your replies! Best regards, Mr Dominique Petitpierre |
[GRP-831] add more info to group member details Created: 03/Aug/12 Updated: 03/Aug/12 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.1.1 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
I noticed under "Entity Details" of the grouper UI where I see name, path and all sorts of other number of memberships Total, direct, indirect and any other statistics about number of group admins (from MichaelG) Note from Chris, I think it would require a click for performance reasons... |
[GRP-829] lite ui subject customizer uses media.properties but not any resource bundle overlays... Created: 03/Aug/12 Updated: 03/Aug/12 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.1.1 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
GrouperUiUtils: //TODO CH 20120803 this should come from the resource bundle! |
[GRP-822] Lite UI has internationalization issues Created: 19/Jul/12 Updated: 19/Jul/12 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.1.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Hello, First, accent support is very iffy, we translated part of nav.properties, but sometimes (like on buttons) the html entities were shown (e.g. é) instead of the value (é). There's some problems with encoding between Lite UI and Admin UI (one will show the character é while the other will show a question mark) Also, if I enter some text for a grouper entity (an attribute in this case), accents are bugged : |
[GRP-806] add a servlet to the grouper ui so it can be unauthenticated and monitored with nagios Created: 20/Jun/12 Updated: 20/Jun/12 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
might need another tomcat mapping? |
[GRP-778] readline / autocomplete in grouper shell Created: 27/Apr/12 Updated: 27/Apr/12 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | David Langenberg | Assignee: | Tom Barton (internet2.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
CLI |
Description |
Remembering all the calls, options, functions, and objects available in gsh let alone having to fully type them every time you need to run a command let alone a lack of history causing you to have to completely retype a command if you need to run it multiple times is a real pain. Please add readline/autocomplete of some sort to grouper shell. |
[GRP-764] should be able to see my sent external user invitations that have not been redeemed, and perhaps delete some Created: 21/Mar/12 Updated: 21/Mar/12 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.1.0 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-759] add limit to group, with text instead of number, should give friendly error Created: 15/Mar/12 Updated: 15/Mar/12 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.1.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-727] allow UI to customize the subject display from description to other things (e.g. ID) Created: 14/Jan/12 Updated: 14/Jan/12 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.3 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-721] Paging of audit results is broken and at least one audit type has no handling code Created: 04/Jan/12 Updated: 04/Jan/12 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.1 |
Fix Version/s: | 2.0.2 |
Type: | Bug | Priority: | Minor |
Reporter: | Gary Brown (Inactive) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
When checking if the change page size feature correctly displayed the current page size I found that audit log paging was broken and that ?audit.query.updateAttributeDefName-attributeDefName? is not handled. Until paging is resolved I can't be sure whether any other audit types are not handled |
Comments |
Comment by Gary Brown (Inactive) [ 04/Jan/12 ] |
I've fixed the paging issues - there were 2. Chris: From the QuickStart I found: I suspect that there are others, but I haven't kept up with the new attribute framework so you are probably best placed to know what text to display. |
Comment by Gary Brown (Inactive) [ 04/Jan/12 ] |
Can you take a look at the unconfigured audit types? |
[GRP-719] quick start lite ui subject lookup is not case insensitive Created: 22/Dec/11 Updated: 22/Dec/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.1 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
> Simple things like browsing though the groups and trying to add a |
[GRP-714] lite ui paging button doesnt work with ie9 Created: 28/Nov/11 Updated: 28/Nov/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 1.6.3 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Hello, Sorry, excuse-me, you're right, there is a log in a log file : 2011-11-28 10:12:32,867 ERROR j2ee.GrouperUiRestServlet: Problem java.lang.RuntimeException: Error with group: 56: <%-- paging summary shows which records, and page size --%> Stacktrace: Thanks ! Le 25/11/2011 23:07, Chris Hyzer a écrit : |
[GRP-711] grouper should sort based on international characters Created: 25/Nov/11 Updated: 28/Nov/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | 2.0.2 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Also, someone here tells me that we have problems with sort : the sort http://www.rgagnon.com/javadetails/java-0343.html |
Comments |
Comment by mchyzer [ 28/Nov/11 ] |
Ok. I try this and it is ok when LiteUI display the list of members (cf ... public int compareTo(Object o) { SubjectSortWrapper subjectSortWrapper = (SubjectSortWrapper)o; |
[GRP-709] add option to not show advanced button on membership update lite Created: 23/Nov/11 Updated: 23/Nov/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.2 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-706] group privilege screen has little underscore due to whitespace see attachment Created: 15/Nov/11 Updated: 15/Nov/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.2 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | privilegeScreen.jpg |
[GRP-705] in the lite ui permissions screen, when an entity (which is a group or entity) is selected, and "new" is clicked, the extension and not name is displayed Created: 15/Nov/11 Updated: 15/Nov/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.2 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-704] added two of the same type of limit on a permision (ipAddress), but only one showed up on the UI Created: 14/Nov/11 Updated: 14/Nov/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.1 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-702] membership lite screen member details is missing id for non groups (works for groups) see attachment Created: 10/Nov/11 Updated: 10/Nov/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.1.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | membershipLiteIdMissing.jpg |
[GRP-693] add effective members to lite membership ui Created: 09/Nov/11 Updated: 09/Nov/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.2 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-676] permissions assignment filter should allow a wildcard for permission name (or at least a folder) Created: 21/Oct/11 Updated: 21/Oct/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-675] consider adding an 'add user to role' checkbox on the permission assign screen so the admin doesnt have to navigate to the membership screen Created: 21/Oct/11 Updated: 21/Oct/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-665] assign value to attribute metadata ui screen shows the underlying attribute, not the attribute getting the value Created: 05/Oct/11 Updated: 05/Oct/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
add a value to an attribute on an attribute... |
[GRP-663] add space in lite ui between menu and name (close together if subject logged in string is long) Created: 01/Oct/11 Updated: 01/Oct/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | grouperMenu.jpg |
[GRP-656] on the edit attribute value lite ui screen, the description of the attribute def name should appear as documentation. perhaps also an abbreviated version in the tooltip on the attribute assign results screen... Created: 26/Sep/11 Updated: 26/Sep/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.1.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-654] change lite find groups screen so that it displays editable groups if there arent too many, or in a paged list Created: 25/Sep/11 Updated: 25/Sep/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.1.0 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-647] lite search for member in advanced menu does not find members who are in the group (maybe just for large groups?) Created: 16/Sep/11 Updated: 16/Sep/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
try penn's lynda.com group |
[GRP-634] add subject sorting to permissions ui (at least lite) Created: 08/Aug/11 Updated: 08/Aug/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | HEAD |
Fix Version/s: | HEAD |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Tom Barton (internet2.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-633] show permission audits in UI Created: 08/Aug/11 Updated: 08/Aug/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | HEAD |
Fix Version/s: | HEAD |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
e.g. role permission or subject permission maybe a lite ui audit query tool... also make sure that allow/disallow is audited |
[GRP-623] external subject with no name/institution shows up with null in name, should be blank Created: 31/Jul/11 Updated: 31/Jul/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
[unverifiedInfo] null [externalUserID] someid@upenn.edu should be: [externalUserID] someid@upenn.edu |
[GRP-616] Warnings when stopping Tomcat with Grouper deployed Created: 27/Jun/11 Updated: 27/Jun/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI, WS |
Affects Version/s: | None |
Fix Version/s: | 2.0.0 |
Type: | Bug | Priority: | Minor |
Reporter: | Shilen Patel (duke.edu) | Assignee: | Shilen Patel (duke.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Is there anything we can do about these warnings when stopping Tomcat (version 6.0.29) with grouper-ui and grouper-ws deployed? Jun 27, 2011 2:11:02 PM org.apache.catalina.core.StandardService stop |
[GRP-543] add readonly mode for lite ui Created: 20/Jan/11 Updated: 22/Jun/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.0 |
Fix Version/s: | HEAD |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
so people can go and search for or export members |
[GRP-613] add filter redundant roles to permissions UI filter Created: 22/Jun/11 Updated: 22/Jun/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | HEAD |
Fix Version/s: | None |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-608] Admin UI does not show naming privileges properly if the same privilege is assigned by more than one path Created: 20/May/11 Updated: 20/May/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | None |
Fix Version/s: | 2.0.0 |
Type: | Bug | Priority: | Major |
Reporter: | Gary Brown (Inactive) | Assignee: | Gary Brown (Inactive) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Whilst looking at another issue - inability to remove naming privileges from unresolvable subject - I found that the UI does not show an immediate privilege when an indirect one is also present. Not sure how long this has been the case but quite likely some time. Privileges are returned as Set<NamingPrivilege> and so 'equivalent' privileges overwrite each other - may be random according to query order. The underlying MembershipDao.findAllByStemOwnerAndMemberAndField correctly retrieves memberships so a solution that calls this can work |
[GRP-599] Horizontal scroll bar in Google Chrome Created: 26/Apr/11 Updated: 26/Apr/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 1.6.3 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Matthew Buckett (Inactive) | Assignee: | Tom Barton (internet2.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Currently when using the Web UI Chrome constantly has a horizontal scroll bar despite having no content available when scrolling horizontally. Currently in signet.css line 207 there is: /* LAYOUT AND POSITIONING */ \""; changing the margin right to be 0px fixes the scroll bar: margin: 6px 0px 6px 0px; |
[GRP-584] cannot remove group type with required attribute Created: 22/Mar/11 Updated: 22/Mar/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 1.6.3 |
Fix Version/s: | 2.0.0 |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
If you have a grouper loader group, with attributes filled out, and you want to remove the type or attributes, you cannot: 2011-03-22 12:03:35,313: [TP-Processor6] ERROR GrouperCapableAction.execute(298) - java.lang.RuntimeException: Exception removing field: grouperLoaderDbName, from group: school:groups:imageNowUsers, Note, a workaround is to delete the group, and recreate it. |
[GRP-577] on invite external user screen, groups should only display if not ruled out by external user source Created: 10/Mar/11 Updated: 10/Mar/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.0 |
Fix Version/s: | 2.0.0 |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
also, should be case insensitive match, and split on whitespace |
[GRP-576] is grouper still sorting the netid to the top of the list of subject search? Created: 09/Mar/11 Updated: 09/Mar/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.0 |
Fix Version/s: | 2.0.0 |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-71] Add act as to UI to act as another user Created: 11/Dec/07 Updated: 16/Feb/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.0 |
Fix Version/s: | None |
Type: | Improvement | Priority: | Minor |
Reporter: | Gary Brown (Inactive) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
change the act as grouper system, to act as another user ################## The UI has a feature where wheel group members can 'Act as self' or 'Act as admin', however, this feature is not supported by the API so there are times when privilege checks will return true rather than false. The UI currently checks wheel group membership itself, however, it would be better to have the API provide a public way of determining this (there is a protected method in PrivilegeHelper). Currently privilege checks / retrieval happen through PrivilegeHelper or WheelNamingResolver / WheelAccessResolver - need to hunt down any others. I think the best approach would be to add methods to GrouperSession so we can check if the session subject 'isWheel', 'isActiveWheel', 'isInactiveWheel' and 'enableWheel','disableWheel'. Currently the Resolvers do not have a reference to a GrouperSession, but this could be changed - the Factory takes a GrouperSession. I am open to suggestions for other implementations. |
[GRP-539] Pre-configured quickstart to include extra Grouper funcionality Created: 11/Jan/11 Updated: 08/Feb/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, grouperClient, subject API, UI, WS |
Affects Version/s: | 2.0.0 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Major |
Reporter: | Rob Hebron (Inactive) | Assignee: | Rob Hebron (Inactive) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Cross-platform |
Description |
A packaged, preconfigured quickstart to provide a fully working Grouper installation. Will require a JDK, which may need to be downloaded separately. Will include working demonstrations of the UI, LDAPPC-NG, Loader, WebService etc. Will be referred to in the Grouper Book, for which it will form a working environment. |
[GRP-538] Grouper Live CD Created: 11/Jan/11 Updated: 08/Feb/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | 2.0.0 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Major |
Reporter: | Rob Hebron (Inactive) | Assignee: | Rob Hebron (Inactive) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Virtualised environment |
Description |
Put together a Live CD of the Grouper Quckstart. A single ISO image to boot on VMWare, KVM/QEMU (should also work with XEN) and VirtualBox. May also work with physical hardware. Will boot into Debian Squeeze with everything expect Grouper installed from Debian repositories (so we don't need to worry about whether licenses allow redistribution). Will auto-login and open a browser at the Grouper Quickstart. |
[GRP-550] ui should support bookmarks and invalidated sessions Created: 04/Feb/11 Updated: 04/Feb/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 1.6.3 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Tom Barton (internet2.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
If you bookmark a page in the UI, or your session times out, then UI should not throw errors, it should at least start the user over at the start page. Here are some stacks: 2011-02-04 14:37:45,854: [TP-Processor8] ERROR GrouperUiFilter.sendErrorEmailIfNeeded(800) - Error sending email 2011-02-04 14:37:40,712: [TP-Processor8] ERROR TileRecorderTag.doCatch(59) - Error handling doCatch. 2011-02-04 14:37:30,458: [TP-Processor8] ERROR InsertTag$InsertHandler.doEndTag(920) - ServletException in '/WEB-INF/jsp/internet2spons.jsp': NullPointerException:null 2011-02-04 14:36:49,276: [TP-Processor8] ERROR GrouperUiFilter.doFilter(658) - UI error 2011-02-04 14:36:39,000: [TP-Processor8] ERROR GrouperCapableAction.execute(298) - java.lang.IllegalStateException: null session member I think another problem is you do something as admin, time out, then you dont have access anymore... maybe we should default to admin access, I think there is a way to do that. |
[GRP-530] add ability to customize default of external subject invite message Created: 05/Jan/11 Updated: 05/Jan/11 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | 2.0.0 |
Fix Version/s: | 2.0.0 |
Type: | New Feature | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
maybe have attributes or rules or something on groups or stems where the default text for the invite screen defaults to that... i.e. to help people who are sending invites... |
[GRP-516] truncate name and description on lite ui group picker screen Created: 07/Dec/10 Updated: 07/Dec/10 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.0 |
Fix Version/s: | 2.0.0 |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
And change text of "prototype" lite UI |
Comments |
Comment by mchyzer [ 07/Dec/10 ] |
and why is testgroup not found when test:testGroup is a valid group? |
[GRP-506] honor logout.link.show=false in liteUi Created: 24/Oct/10 Updated: 24/Oct/10 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.0 |
Fix Version/s: | 2.0.0 |
Type: | Bug | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
[GRP-494] add more things to grouper intro on UI Created: 24/Sep/10 Updated: 24/Sep/10 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 2.0.0 |
Fix Version/s: | 2.0.0 |
Type: | Improvement | Priority: | Minor |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Should we add more things (attributes, rules, permissions, etc) to the UI grouper intro page? |
[GRP-322] cant find stem by name after making a stem and not doing anything with it Created: 13/Oct/09 Updated: 22/Jan/10 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 1.4.2 |
Fix Version/s: | 1.5.0 |
Type: | Bug | Priority: | Major |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
I created a stem, didnt create anythign inside, then worked in another stem, then went back to the stem, and got a blank screen, and this error in the logs: 2009-10-12 23:57:21,507: [TP-Processor5] ERROR InsertTag$InsertHandler.doEndTag(920) - ServletException in '/WE |
Comments |
Comment by mchyzer [ 13/Oct/09 ] |
Note, I created a group in the stem, and bounced the tomcat, and then it snapped out it. Logging out and logging in didnt help... Chris |
[GRP-317] UI displays badly on Opera Created: 14/Sep/09 Updated: 14/Sep/09 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 1.4.2 |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Hans Benedict (Inactive) | Assignee: | Tom Barton (internet2.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified | ||
Environment: |
Opera 10.0 on Windows XP SP3 |
Attachments: | grouperui-opero.jpg |
Description |
Viewing the UI with Opera is a strange expirience - parts of the layout overlap other parts... cf. attached screenshot |
[GRP-289] error removing multiple groups from a group Created: 06/Jun/09 Updated: 06/Jun/09 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 1.4.2 |
Fix Version/s: | None |
Type: | Bug | Priority: | Major |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
I tried to remove multiple groups as members of a group, and I got this error. Note, I dont have 1.4.2 quite, though it is 1.4 branch a few days before 1.4.2. Also, if I remove them individually, it works fine: 2009-06-05 23:57:23,738: [TP-Processor3] ERROR GrouperCapableAction.execute(282) - edu.internet2.middleware.grouper.exception\ |
[GRP-236] doesnt work with safari 4 beta on mac Created: 25/Feb/09 Updated: 25/Feb/09 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 1.4.1 |
Fix Version/s: | None |
Type: | Bug | Priority: | Major |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Gary Brown (Inactive) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
I tried it on safari 4 beta on windows, and it worked fine. Hi, > Mac, Safari, Beta... all the things I love... A helpful user posted some info and screen shots at http://www.lsc-group.phys.uwm.edu/~warren/Safari4Grouper/Safari4Grouper.html Does that help? Note that the same user with the same Mac does not have any problems when using the UI with Firefox Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; Thanks, Scott > |
[GRP-182] sometimes act as admin doesnt show memberhips change checkboxes Created: 30/Oct/08 Updated: 30/Oct/08 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 1.4.0 |
Fix Version/s: | 1.4.0 |
Type: | Bug | Priority: | Major |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Gary Brown (Inactive) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Attachments: | adminCheckbox.gif |
Description |
> ---- |
[GRP-86] improve (and make consistent) the checkout and build process of grouper, grouper-ui, and grouper-ws Created: 24/Jan/08 Updated: 01/Oct/08 Due: 14/Mar/08 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI |
Affects Version/s: | 1.4.0 |
Fix Version/s: | HEAD |
Type: | Improvement | Priority: | Major |
Reporter: | Chris Hyzer (upenn.edu) | Assignee: | Chris Hyzer (upenn.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
Good suggestions. Please also run them by signet-dev to see if we can produce a more even experience across both. And, please open a jira issue to track what is decided should be done. Re #2, I think the main installation doc is in the wiki, not in the package itself. That was the result of discussion quite some time back, with (for me) the essential argument being "docs have bugs and updates too" and we don't want to wait on subsequent releases to fix some of those. But perhaps there should be additional or modified instructions in the package too, especially if some type of example file naming convention is followed. Tom Chris Hyzer wrote: |
Comments |
Comment by mchyzer [ 09/Aug/08 ] |
Some notes:
|
[GRP-150] Make Grouper work with Subject API 1.0 Created: 23/Jul/08 Updated: 23/Jul/08 |
|
Status: | Open |
Project: | Grouper |
Component/s: | API, UI, WS |
Affects Version/s: | 1.3.0 |
Fix Version/s: | None |
Type: | New Feature | Priority: | Major |
Reporter: | Gary Brown (Inactive) | Assignee: | Tom Barton (internet2.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
We need to accommodate the Subject 1.0 API. Need to discuss exactly what this means i.e. There will be a fair amount of tidying up in the UI once we remove type (assuming we do) |
[GRP-112] UI bugs when using browser back button Created: 16/Apr/08 Updated: 23/Jul/08 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | 1.3.0 |
Fix Version/s: | None |
Type: | Bug | Priority: | Major |
Reporter: | Shilen Patel (duke.edu) | Assignee: | Tom Barton (internet2.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
There appear to be multiple bugs when a user uses the browser back button. Example 1: 1. Go down a stem hierarchy with a few mouse clicks, hit the back button a couple of times, then click on a "Create Group" button. Example 2: 1. Go to the group summary of a group. |
[GRP-113] UI bug where group is not listed after creating a new group Created: 18/Apr/08 Updated: 18/Apr/08 |
|
Status: | Open |
Project: | Grouper |
Component/s: | UI |
Affects Version/s: | HEAD |
Fix Version/s: | None |
Type: | Bug | Priority: | Minor |
Reporter: | Shilen Patel (duke.edu) | Assignee: | Tom Barton (internet2.edu) |
Resolution: | Unresolved | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
1. Click on the Create Group button. The list of available groups does not contain the group just created. If you click the "Explore" link, the list will refresh and include the new group. |