Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-14047

DAF PATCH for relationships is denied for add and does not complete for remove

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 7.0.0
    • Fix Version/s: 7.0.0
    • Component/s: None
    • Labels:

      Description

      • Currently DelegatedAdminFilter is validating the leaf of the "field" for patch operations. Now that we are supporting relationships the leaf may be something like "roles/-" which fails attribute validation since "-" is not an attribute. It should be examining the head instead so like this case of relationships, "roles" is validated instead. In the case of an object field like "preferences/marketing", "preferences" will be validated instead of "marketing". 
      • FieldAugmentationFilter checks for if the container refResourceCollection has a privilege filter so that the object details can be read in order to apply filter validation. Currently it is checking this on the main container, but when that container is a collection the value is null and allows the process to continue. This logic should check for non-trivial privilege filters for if container is a map, or for each object of the collection.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                katie.gonzalez Katie Gonzalez
                Reporter:
                katie.gonzalez Katie Gonzalez
                QA Assignee:
                Alexander Dracka
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: