[SYNCOPE-354] LDAP Membership propagation does not remove memberships - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.1.0
Fix Version/s: 1.1.1, 1.2.0-M1
Component/s: core
Labels:
- delete
- ldap
- propagation
- role
Environment:
n/a

Description

Configure a LDAP connector and resource, use the LDAPMembershipPropagationActions propagator class, add a LDAP role to a user, then try to remove that role. The role is removed in Syncope but not LDAP; the next sync will add it back in Syncope.

In LDAPMembershipPropagationActions, line 75 (Syncope 1.1.0), there is a conditional on:
ResourceOperation.DELETE != task.getPropagationOperation
So LDAPMembershipPropagationActions refuses to process any delete operations.

Should the operation be DELETE here (vs UPDATE)? If so, LDAPMembershipPropagationActions needs to deal with DELETE appropriately.

Attachments

Issue Links

relates to

SYNCOPE-357 When deleting role on external resource, also remove from there users with resource assigned only via that role

Closed

Activity

People

Assignee:: Francesco Chicchiriccò

Reporter:: James Flemer

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 12/Apr/13 23:22

Updated:: 29/Apr/13 14:42

Resolved:: 24/Apr/13 13:32