The PrivilegeService determines which permissions a user has access to. This Service is mainly utilized by the end user UI to populate tabs, etc. that allow the user to perform operations allowed by those permissions.
Currently if the user only has openidm-admin, there are no permissions returned by the PrivilegeService. If the user has other roles (with privileges) as well as openidm-admin, the PrivilegeService returns permissions based only on the role with privileges and doesn't consider that openidm-admin allows access to all.
The PrivilegeService should return all schema fields with all permissions for the resource in question if the openidm-admin role is present for the user making the request.