Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Send organizational changes in FK ORG to Kitos #76

Open
Tracked by #73
miphilin opened this issue Sep 23, 2024 · 2 comments
Open
Tracked by #73

Send organizational changes in FK ORG to Kitos #76

miphilin opened this issue Sep 23, 2024 · 2 comments
Assignees
@miphilin
Labels
KITOS Issues relevant for the KITOS project user story User stories

Comments

@miphilin
Copy link

miphilin commented Sep 23, 2024
edited
Loading

I have splitted this story in two scopes.

Scope 1

Story 1

As a KITOS LOCAL ADMIN I want to receive a notification when a user ( municipality employee) changes location in the FK ORG organization, So that I can decide whether the user’s business role(s) and organizational roles should be maintained or reassigned to another user.

Case 1

When a Kitos municipality is connected to FK ORG and a change occurs in FK ORG, the Local admin should receive a message.

"This user has changed from unit xxx to unit xxx, should the person?" :

  1. Keep users business roles (system roles, contract roles, data processor roles )?

  2. Transfer users business roles (system roles, contract roles, data processor roles ) to another user in the municipality?

  3. Maintain users organizational role

  4. Transfer users organizational role to anoterher user in the municipality

Scope 2

Story 2

As a KITOS LOCAL ADMIN I want to receive a notification when a current Kitos user with Kitos businessrole(s) changes department in FK ORG, so a decision can be made as to whether the responsible organizational unit on a system must be changed.

Case 2

A user changes department from Digital Solutions. The department he switches to, for example, Strategy and Management, must then take over responsibility for the number of systems that the unit he switched from has registered in Kitos.
(Systems → Organization → Responsible org. unit + relevant org. units)

Answer options:

  • Yes – Responsible organizational units follow Per over to the Strategy and Management department.
  • No – Responsible organizational unit will remain in Digital Solutions, and a new system owner must be found.
    -- Transfer, copy, or delete Per’s business roles to user X.

Jira link: https://os2web.atlassian.net/browse/KITOSUDV-5326
@miphilin miphilin added user story User stories KITOS Issues relevant for the KITOS project labels Sep 23, 2024
@miphilin miphilin self-assigned this Sep 23, 2024
@miphilin miphilin mentioned this issue Sep 23, 2024
Open
6 tasks
@miphilin
Copy link
Author

miphilin commented Sep 23, 2024
edited
Loading

relates to #70
@janhalen

@janhalen
Copy link
Collaborator

Currently there is no built in service in Authentik/OS2ID that contacts the seperate organization service fk.org. and pulls down organizational metadata.

It could maybe be possible via SCIM https://docs.goauthentik.io/docs/providers/scim/ , but no research have been put into the fk.org endpoint, so a seperate PoC should be made before it is decided whether all the usecases can be covered in a secure way.

That being said, if the user is made inactive or removed from fk.adg login rights are also revoked in OS2ID.

@janhalen janhalen mentioned this issue Oct 2, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@miphilin miphilin

Labels
KITOS Issues relevant for the KITOS project user story User stories
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@janhalen @miphilin