IBM Support

PI74231: DELETED SECURITY TYPES STILL SHOW AS ASSIGNABLE

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • When a security Type is deleted, such as a Component Type,
Application Type, etc, any user (except "admin") who previous
had access to create with that Resource Type can still do so.
This can result in "Cannot add new mappings to deleted resource
roles."

To reproduce:

- Create a security type for components.
- Give a security role such as the built-in "Administrator"
role, all security permission on the new security type.
- Delete the type.
- As a user who had permissions on the new security type
(someone from the "Administrator" role, if you used that role
above), try to create a component.
- Notice that the deleted security type appears in the UI for
all teams that user has access to.
- If you try to proceed, you will get a "Cannot add new mappings
to deleted resource roles." error.

Local fix

  • n/a

Problem summary

  • ****************************************************************
* USERS AFFECTED:                                              *
* N/A                                                          *
****************************************************************
* PROBLEM DESCRIPTION:                                         *
* When a security Type is deleted, such as a Component Type,   *
* Application Type, etc, any user (except "admin") who         *
* previous                                                     *
* had access to create with that Resource Type can still do    *
* so.                                                          *
* This can result in "Cannot add new mappings to deleted       *
* resource                                                     *
* roles."                                                      *
*                                                              *
* To reproduce:                                                *
*                                                              *
* - Create a security type for components.                     *
* - Give a security role such as the built-in "Administrator"  *
* role, all security permission on the new security type.      *
* - Delete the type.                                           *
* - As a user who had permissions on the new security type     *
* (someone from the "Administrator" role, if you used that     *
* role                                                         *
* above), try to create a component.                           *
* - Notice that the deleted security type appears in the UI    *
* for                                                          *
* all teams that user has access to.                           *
* - If you try to proceed, you will get a "Cannot add new      *
* mappings                                                     *
* to deleted resource roles." error.                           *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************

Problem conclusion

  • Fixed in UCD 6.2.5.2

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    PI74231
    • 

  • Reported component name
    UC DEPLOY
    • 

  • Reported component ID
    5725M5400
    • 

  • Reported release
    622
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2016-12-28
    • 

  • Closed date
    2017-09-01
    • 

  • Last modified date
    2017-09-01
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    UC DEPLOY
    • 

  • Fixed component ID
    5725M5400
    • 



Applicable component levels


    

  • R625  PSY
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SS4GSP","label":"IBM UrbanCode Deploy"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"622","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            01 September 2017
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback