We have a new IT shop setup on v. 8.0. I've set up a form with request properties, assigned permissions to a role with the new PersonWantsOrg and ShoppingCartItem fields. I have a new IT Shop, customer node, shelf, and service item.
We are using the authentication module 'Employee (role based)'. The item shows up in the IT Shop as expected, but there are a couple issues. When I view an item in the cart, I get the message 'Cart items: Viewing permission denied for value "name of item" '. Also, a couple of the request properties added to the form show a <hidden> tag where the textbox or checklist should be.
Any ideas what I'm missing? I've tried adding both role and non-role permission to the new fields, and to the table, but the errors persist.
I noticed the CustomProperty fields have quite a few permissions that my new fields don't. I don't need to add each of those explicitly, do I? I'm assuming those permissions are inherited from the table level?
column permissions are not inherited from the table level if that is what you are up to.
But there is a configuration parameter called Common\AutoExtendPermissions that, if turned on, would extend the default permissions groups to contain the permissions for the newly created columns.
The rules that determine the valid permissions for tables and columns are documented here https://support.oneidentity.com/technical-documents/identity-manager/8.0.1/configuration-guide/38#TOPIC-909793
There is also a complete video series around permissions in One Identity Manager on our official YouTube channel to get a deeper insight.
Thank you for the help Markus! The video series does help, and the Common\AutoExtendPermissions parameter was exactly what I needed! Turned that on and all my permissions problems went away!