Users with no home facility and roles are still able to capture LMIS report

Description

Original description

I removed Home facilities, roleassignments and set active=false, loginRestricted=true, allowNotify=false for all the district users but users are still able to log in, capture reports and view LMIS forms.

We don't want this user to be able to log into the system. We want the account to be inactive and restricted to login.

Repro steps:
1. Log in as admin
2. Remove all the roles from user srmanager4
3. Log in as srmanager4
4. You still have access to the view orders and manage POD screens, and the permission strings endpoint for this user returns 2 entries, even though it should be empty

Expected:
If all roles are removed from the user, all the permission strings are removed as well, and the user doesn't have access to any screen requiring specific rights.

Possible root cause
Looks like removing all role assignments from a specific user doesn't trigger regeneration of the permission strings for that user. Adding a single role assignment triggers the update.
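
A minimal model of the suspected root cause above, added here as an illustration and not taken from the project's code: every class, function, role and right name is hypothetical, and only the username comes from the repro steps. It shows how a regeneration step that is skipped for an empty role set leaves stale permission strings, beside a version that always regenerates and an audit check that flags the mismatch.

```python
# Simplified model of the suspected bug; every name here is hypothetical.
from dataclasses import dataclass, field

# Constructed role -> rights mapping (not taken from the ticket).
ROLE_RIGHTS = {
    "Order Viewer": {"ORDERS_VIEW"},
    "POD Manager": {"PODS_MANAGE"},
}


@dataclass
class User:
    username: str
    role_assignments: set = field(default_factory=set)
    # Derived data that a permission strings endpoint would serve.
    permission_strings: set = field(default_factory=set)


def derive_permission_strings(roles):
    """Recompute permission strings from scratch for a set of roles."""
    return {right for role in roles for right in ROLE_RIGHTS[role]}


def save_roles_buggy(user, roles):
    """Regenerates only when roles are present, so an empty update leaves stale strings."""
    user.role_assignments = set(roles)
    if user.role_assignments:  # an empty set skips regeneration
        user.permission_strings = derive_permission_strings(user.role_assignments)


def save_roles_fixed(user, roles):
    """Always regenerates, so removing every role also clears the strings."""
    user.role_assignments = set(roles)
    user.permission_strings = derive_permission_strings(user.role_assignments)


def stale_permission_strings(user):
    """Audit check: permission strings not backed by any current role assignment."""
    return user.permission_strings - derive_permission_strings(user.role_assignments)


def demo(save_roles):
    user = User("srmanager4")
    save_roles(user, ["Order Viewer", "POD Manager"])
    save_roles(user, [])  # step 2 of the repro: remove all roles
    return sorted(stale_permission_strings(user))


if __name__ == "__main__":
    print("buggy:", demo(save_roles_buggy))
    print("fixed:", demo(save_roles_fixed))
```

The audit function doubles as a regression check: after any role update, it should return an empty set for every user.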

Environment

None

Assignee

Mateusz Kwiatkowski

Reporter

Nikodem Graczewski

Labels

None

Story Points

5

Time tracking

32h

Components

Sprint

None

Fix versions

Priority

Blocker