altinn-studio icon indicating copy to clipboard operation
altinn-studio copied to clipboard

Published 20 hours ago verified publisher icon Altinn

Support selecting resources from a pre-defined list

Open nkylstad opened this issue 1 year ago • 4 comments

Description

When limiting the scope of a resource in a given rule in the policy editor, the user should be given a list of predefined options to select from. The list should include:

  • [ORG]/[APP] combination (this is added automatically for all new rules)
  • All defined process task ids for the app (urn:altinn:task) as set up in the process.bpmn file
  • EndEvent id for process (urn:altinn:end-event) -events resource (urn:altinn:appresource)

Note that the StartEvent from the process should not be included, as this is covered by the instantiate action.

We should keep the option to enter values manually, as is the case today - however this should be an active choice by the user, and not the default way to do things.

Current situation

Limitations are added/defined manually though text fields. This opens for a lot of chances for error. F.ex: Screenshot 2023-11-03 at 10 15 06

### Tasks
- [ ] UX: New design for adding limitations to a resource, with pre-defined values
- [ ] Endpoint returning all available resource limitations as defined above
- [ ] Implement new design

Acceptance criteria

  • [ ] Limiting resources is done by selecting limitations from a list of pre-defined options
    • [ ] Already selected values for a rule are not shown in the list when selecting further limitations
  • [ ] It should be possible to choose to enter values manually (which is the default currently)
  • [ ] It should be possible to remove a single limitation

nkylstad avatar Nov 02 '23 11:11 nkylstad

New design Skjermbilde 2023-12-05 kl 09 13 39 Skjermbilde 2023-12-05 kl 09 14 01

Wishes for further iterations:

  • Filter on multiselect for "Roller"
  • It should be easy to rename Tasks to recognize them in the selected list.

Annikenkbrathen avatar Dec 05 '23 08:12 Annikenkbrathen

I took a look at the new design, looks a lot cleaner! However - "Hvilket nivå skal regelen gjelde for.." - not sure this is the correct way to view this? My understanding was that you can start with the entire application (org/app), and then add limitations to that, f.eks. "Datatask1", which then limits the rule to the given task within the given application. I don't think it's an either/or scenario here. @WilliamThorenfeldt @TheTechArch any comments here?

CC: @Annikenkbrathen

nkylstad avatar Dec 19 '23 11:12 nkylstad

I am in danger of saying something that makes this more difficult to understand. For this design, it is not or, but and as you describe with an additional requirement, but I agree that maybe it is confusing to use the word "eller" here. (Skal du drikke hele flasken, eller bare ta et glass?) (du kan ikke gjøre begge delene)

Resource support else in real XACML but in GUI you need to add another rule.-

TheTechArch avatar Dec 19 '23 14:12 TheTechArch

can we close this? This will be solved in #12353

Annikenkbrathen avatar Mar 25 '24 08:03 Annikenkbrathen