Role Assignment screen access issue

Abhishek.shelar · March 19, 2025, 12:25pm

On user screen there is role assignment button to provide role access, i had provided the access for that screen but when i clicked in the button to view the role but role is getting displayed although role is assigned to user and also i clicked on to assign roles are not getting displayed. kindly help is any access need to be provided.

Screenshot from 2025-03-19 17-49-45

krivopustov · March 25, 2025, 8:12am

The following role would enable role assignment:

package com.company.onboarding.security;

import io.jmix.security.model.EntityAttributePolicyAction;
import io.jmix.security.model.EntityPolicyAction;
import io.jmix.security.model.ResourceRoleModel;
import io.jmix.security.model.RowLevelRoleModel;
import io.jmix.security.role.annotation.EntityAttributePolicy;
import io.jmix.security.role.annotation.EntityPolicy;
import io.jmix.security.role.annotation.ResourceRole;
import io.jmix.security.role.assignment.RoleAssignmentModel;
import io.jmix.securitydata.entity.RoleAssignmentEntity;
import io.jmix.securityflowui.role.annotation.ViewPolicy;

@ResourceRole(name = "RoleAssignmentRole", code = RoleAssignmentRole.CODE, scope = "UI")
public interface RoleAssignmentRole {
    String CODE = "role-assignment-role";

    @ViewPolicy(viewIds = {"roleAssignmentView", "sec_ResourceRoleModel.lookup", "sec_RowLevelRoleModel.lookup"})
    void screens();

    @EntityAttributePolicy(entityClass = RoleAssignmentEntity.class, attributes = "*", action = EntityAttributePolicyAction.MODIFY)
    @EntityPolicy(entityClass = RoleAssignmentEntity.class, actions = EntityPolicyAction.ALL)
    void roleAssignmentEntity();

    @EntityAttributePolicy(entityClass = ResourceRoleModel.class, attributes = "*", action = EntityAttributePolicyAction.VIEW)
    @EntityPolicy(entityClass = ResourceRoleModel.class, actions = EntityPolicyAction.READ)
    void resourceRoleModel();

    @EntityAttributePolicy(entityClass = RowLevelRoleModel.class, attributes = "*", action = EntityAttributePolicyAction.VIEW)
    @EntityPolicy(entityClass = RowLevelRoleModel.class, actions = EntityPolicyAction.READ)
    void rowLevelRoleModel();

    @EntityAttributePolicy(entityClass = RoleAssignmentModel.class, attributes = "*", action = EntityAttributePolicyAction.MODIFY)
    @EntityPolicy(entityClass = RoleAssignmentModel.class, actions = EntityPolicyAction.ALL)
    void roleAssignmentModel();
}

In general, when you see that some permissions are missing to accomplish a task, take a look at messages from the io.jmix.core.AccessLogger in the console, it may give you a clue.

Regards,
Konstantin