Issue Management Configuration Files
This article provides an overview of the issue management configuration files and instructions for all modifications necessary to accommodate them to your solution. For the full procedure on enabling issue management in MDM Web App, see Enabling Issue Management.
config.xml
The main DQIT configuration file that contains links to other configuration files, issue persistence definition, authentication configuration, and other settings.
<?xml version="1.0"?>
<settings>
<metadataProvider file="metadata.xml" />
<messages file="messages.properties" />
<dataProvider class="com.ataccama.epp.mda.db.DbCacheDataProviderFactory">
<delegate class="com.ataccama.epp.internal.core.data.db.DbDataProviderFactory" jndiName="it_db"/>
</dataProvider>
<workflowEngine class="com.ataccama.epp.workflow.core.XmlWorkflowEngine" fileName="workflows.xml" />
<authFactory class="com.ataccama.auth.keycloak.KeycloakAuthManagerFactory">
<serverUrl>http://localhost:8083/auth</serverUrl>
<realm>ataccamaone</realm>
<clientId>one-service-account</clientId>
<clientSecret>one-service-account-s3cret</clientSecret>
</authFactory>
<globalSettings>
<!-- Enables additional features for sight-impaired people -->
<accessibleApplication>false</accessibleApplication>
<!-- Enables additional safe browsing measures, such as anti-frame hijacking,
disables displaying error details in the applications, and login form autocomplete -->
<safeMode>false</safeMode>
<!-- Maximum number of tasks kept in history -->
<maxTaskHistorySize>50</maxTaskHistorySize>
<!-- Maximum idle time of a task in order to be kept in history even if the history is full -->
<maxTaskHistoryIdleInMillis>60000</maxTaskHistoryIdleInMillis>
</globalSettings>
</settings>Here are the most relevant settings that you might have to change.
metadataProvider
This is the link to the metadata configuration file that should be used. Usually, you don’t need to change this setting unless you test several configurations simultaneously. See [metadata.xml].
dataProvider
This is the configuration of the database issue persistence repository.
The jndiName attribute is a reference to a database connection in the runtime configuration used by the MDM Engine server.
workflowEngine
This is the link to the workflow configuration file that should be used. Usually, you don’t need to change this setting unless you test several configurations simultaneously. See [workflows.xml].
authFactory
Authentication configuration specifies Keycloak settings, a technical client and user necessary for making special privileged requests, which take place on the background.
Change serverUrl and realm according to your Keycloak deployment.
Change other settings only if you defined your own client and technical user.
<authFactory class="com.ataccama.auth.keycloak.KeycloakAuthManagerFactory">
<serverUrl>http://localhost:8083/auth</serverUrl>
<realm>ataccamaone</realm>
<clientId>one-service-account</clientId>
<clientSecret>one-service-account-s3cret</clientSecret>
</authFactory>-
serverUrl. Keycloak location. -
realm. The realm within Keycloak to which the client belongs. -
clientID. The name of the client defined in keycloak. -
clientSecret. The client secret (password).
metadata.xml
This file contains the configuration of global permissions and other general properties of issues. Configure permissions to your needs by assigning roles to a given permission. The roles should exist in Keycloak. Please note that a newly created role has to be added to this file to have access to the issues section of the MDM Web App. Below is a brief description of each permission.
-
seeOthersIssues - the ability to issues assigned to other users in the global Issues list.
-
editOthersIssues - the ability to edit issues assigned to other users.
-
deleteOthersIssues - the ability to delete issues assigned to other users.
-
createIssues - the ability to create an issue on an entry or a group of entries.
-
changeStep - the ability to move issues assigned to other users to the next state.
<metadata>
<globalPermissions>
<constraint permission="seeOthersIssues">
<conditions>
<condition class="com.ataccama.epp.contrib.security.UserIsInRole" roles="MDM_admin"/>
</conditions>
</constraint>
<constraint permission="editOthersIssues">
<conditions>
<condition class="com.ataccama.epp.contrib.security.UserIsInRole" roles="MDM_admin"/>
</conditions>
</constraint>
<constraint permission="deleteOthersIssues">
<conditions>
<condition class="com.ataccama.epp.contrib.security.UserIsInRole" roles="MDM_admin"/>
</conditions>
</constraint>
<constraint permission="createIssues">
<conditions>
<condition class="com.ataccama.epp.contrib.security.UserIsInRole" roles="MDM_admin"/>
</conditions>
</constraint>
<constraint permission="changeStep">
<conditions>
<condition class="com.ataccama.epp.contrib.security.UserIsInRole" roles="MDM_admin"/>
</conditions>
</constraint>
</globalPermissions>
...
</metadata>workflows.xml
This file contains the configuration of the issue resolution workflow, which includes the steps (or states), transitions between them, and permissions on the step and transition level. Keep in mind that a newly created role has to be added to this file to have access to items in the issues section of the MDM Web App.
| Update this file only to change permissions. Do not modify steps and transitions. |
<workflows>
<statuses>
<status id="1" label="For Resolution"/>
<status id="2" label="Resolved"/>
<status id="3" label="Closed"/>
</statuses>
<workflows>
<workflow id="simple">
<steps>
<step id="1" label="For Resolution" statusId="1">
<securityConstraints>
<constraint permission="view">
<conditions>
<condition class="com.ataccama.epp.contrib.security.UserIsInRole" roles="MDM_viewer,MDM_admin"/>
</conditions>
</constraint>
<constraint permission="edit">
<conditions>
<condition class="com.ataccama.epp.contrib.security.UserIsInRole" roles="MDM_admin"/>
</conditions>
</constraint>
<constraint permission="assign">
<conditions>
<condition class="com.ataccama.epp.contrib.security.UserIsInRole" roles="MDM_admin"/>
</conditions>
</constraint>
<constraint permission="delete">
<conditions>
<condition class="com.ataccama.epp.contrib.security.UserIsInRole" roles="MDM_admin"/>
</conditions>
</constraint>
</securityConstraints>
</step>
<transitions>
<transition id="resolve" label="Resolve" originId="1" targetId="2">
<conditions>
<condition class="com.ataccama.epp.contrib.security.UserIsInRole" roles="MDM_admin"/>
</conditions>
<validators/>
<postActions>
<postAction class="com.ataccama.epp.contrib.wf.postactions.CsvCallPostAction">
<urlResourceName>dqitPostAction</urlResourceName>
</postAction>
</postActions>
</transition>
</transitions>
</workflow>
</workflows>
</workflows>Issue Resolution Steps and Transitions
The built-in workflow for issue management in MDM Web App has three steps and transitions between them. Some transitions repeat to enable the skipping of steps,for example, move immediately from For Resolution to Closed, skipping the Resolved state.
<step id="1" label="For Resolution" statusId="1">
<step id="2" label="Resolved" statusId="2">
<step id="3" label="Closed" statusId="3">
<transition id="resolve" label="Resolve" originId="1" targetId="2">
<transition id="close" label="Close" originId="1" targetId="3">
<transition id="reopen" label="Reopen" originId="2" targetId="1">
<transition id="reopen" label="Reopen" originId="3" targetId="1">
<transition id="close" label="Close" originId="2" targetId="3">Permissions on the Step Level
Permissions on the step level determine which privileges are available to which roles. Below is a brief description of the permissions:
-
view - the ability to view issues in a given step, which primarily determines whether the user sees the issues indicator in the entry detail view or the compare view.
-
override - the role can set and remove overrides on attributes (see Editing Values, section Override consolidated values).
-
ovrActive - the role can override the activity status of the record: set as active/inactive and remove activity overrides (see Activating and Deactivating Records).
-
ovrMatch - the role can merge master records, merge instances, and split instances (see Merging and Splitting Records).
-
masterEdit, masterCreate, masterDelete - the role can execute these actions on the master layer.
<constraint permission="view">
<conditions>
<condition class="com.ataccama.epp.contrib.security.UserIsInRole" roles="MDM_viewer,MDM_admin"/>
</conditions>
</constraint>Permissions on Transitions
Permissions on the transition level determine which roles can perform the given transition.
<transition id="reopen" label="Reopen" originId="2" targetId="1">
<conditions>
<condition class="com.ataccama.epp.contrib.security.UserIsInRole" roles="MDM_admin"/>
</conditions>
<validators/>
<postActions/>
</transition>
There are two constraint conditions available on the step level: UserIsInRole and UserIsAssignee.
For transitions, only UserIsInRole is available.
|
Was this page useful?