Ramzi Siala
Ramzi Siala
Billing Service is not fully migrated to abac as there is a dependency with userService.
All settings migrated to ABAC except: - OCPI - OICP - Organisation The above require their unique backend service migration (OCPIEndpointService, OICPEndpointService, TenantService)
We detected an issue in the register user endpoint where we perform a write (primary) / read (secondary) action thus creating inconsistencies. Fix: We should read on the primary node
User was able to start a transaction on unasigned charging station
Use projected field for the action PUSH_TRANSACTION_CDR The fields should be: 'id', 'ocpiData',
Site admin should be able to: - See admin data on charging stations located on sites where he is site admin - See basic data for all other stations Impacted...
In processDynamicAsserts() when the authorization fails the resulting error logs doesn't give much information on what entity the issue occured, thus making it more difficult to investigate. ex: John Doe...
Example: we retrieve the user associated to the connector (withUser) The user is allowed to read the connector BUT we don't check if the user is allowed to READ the...