Bug #16
closed
Inconsistency between UI and API role assignment while creating admin
Description
While creating a new admin user via the UI, certain roles are not available for selection or cannot be assigned. However, when the same request is sent via the API, these roles can still be assigned successfully.
This creates an inconsistency between the frontend restrictions and backend behavior.
It is unclear whether these roles are intentionally restricted or if backend validation is missing.
Steps to Reproduce
- Navigate to: Admin Management → Add New Admin
- Observe the roles available in the role dropdown.
- Capture the API request generated when creating an admin: POST /api/admin/add-admin
- Modify the role parameter in the request body to another available role ID such as:
  - Viewer
  - Sub Admin
  - Client Admin
- Send the request.
- Send the request.
Actual Result
The API successfully creates the admin user with the provided role.
Expected Result
The role assignment behavior should be consistent between the UI and backend API.
Either:
- The UI should allow selecting these roles, or
- The API should enforce the same role restrictions applied in the UI.
Additional Information
A request has been sent to Adhi sir to join the Postman team workspace so the APIs can be accessed and tested directly in Postman.
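One way to implement the second option under Expected Result, as an added example that is not the project's own code: the role dropdown and the API check for POST /api/admin/add-admin both read the same policy, so a role the UI does not offer is also refused by the backend. The numeric role IDs, the "Admin" role, the policy contents and all function names are assumptions; only the role names Viewer, Sub Admin and Client Admin, the endpoint and the role parameter come from the report.

```python
"""Added example: one role policy shared by the UI dropdown and the API check."""

# Constructed role IDs. "Viewer", "Sub Admin" and "Client Admin" are named in the
# report; "Admin" and every numeric ID are placeholders.
ROLES = {1: "Admin", 2: "Viewer", 3: "Sub Admin", 4: "Client Admin"}

# Assumed policy (creator role ID -> role IDs that creator may assign). It treats
# the UI restriction as intentional; a creator with no entry may assign nothing.
ASSIGNABLE_BY = {1: frozenset({1})}


def assignable_roles(creator_role_id):
    """Role IDs the creator may assign; default-deny for unlisted creators."""
    return ASSIGNABLE_BY.get(creator_role_id, frozenset())


def dropdown_roles(creator_role_id):
    """What the Add New Admin dropdown renders, derived from the same policy."""
    return [(rid, ROLES[rid]) for rid in sorted(assignable_roles(creator_role_id))]


def validate_add_admin(creator_role_id, body):
    """Server-side check for POST /api/admin/add-admin; returns (status, reason)."""
    role = body.get("role") if isinstance(body, dict) else None
    # Strict typing: "3", 3.0 and True are rejected rather than coerced.
    if not isinstance(role, int) or isinstance(role, bool):
        return 400, "role must be an integer role ID"
    if role not in ROLES:
        return 400, "unknown role ID"
    if role not in assignable_roles(creator_role_id):
        return 403, "role not assignable by this account"
    return 201, "created"


if __name__ == "__main__":
    # Constructed requests: the dropdown choice, then edited bodies as in the report.
    for body in ({"role": 1}, {"role": 2}, {"role": 3}, {"role": 4}, {"role": "3"}):
        print(body, validate_add_admin(1, body))
```

If the roles turn out to be intentionally assignable, the fix is to widen the policy entry, which changes the dropdown and the API together.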