From the related JIRA:
"Requests for edge returning too many objects when filter is only on one resource collection.
Example: A request to
will return too many objects if there is both an internal/role and a managed/role but the filter is only on one path."
Task: We need to test that the scenario actually does filter results by privilege resource path, and that the correct number of responses is returned.
- delegated user has privileges to both managed/role and internal/role, but the internal/role privilege has a filter of "/name eq 'openidm-authorized'"
- psmith, the user in the above request example, has 3 authzRoles assigned to them: 1 managed/role and 2 internal/role (1 named 'openidm-authorized', and 1 with any other name)
- perform the query above
- Only 2 authzRoles should be returned: 1 managed/role and 1 internal/role named "openidm-authorized". This is because internal/role should be filtered by "/name eq 'openidm-authorized'"
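
A simplified model of the expected result, usable as an oracle when writing the test. This is an added example, not OpenIDM code: the dict shapes, the ids and the two role names other than 'openidm-authorized' are constructed, and the filter matcher handles only the `/field eq 'value'` form used above.

```python
import re

# Only the comparison form used in this scenario is supported: /field eq 'value'
_EQ = re.compile(r"^\s*/(\w+)\s+eq\s+'([^']*)'\s*$")

def matches(filter_expr, obj):
    """True if obj satisfies the privilege filter; no filter means no restriction."""
    if filter_expr is None:
        return True
    m = _EQ.match(filter_expr)
    if m is None:
        raise ValueError(f"unsupported filter: {filter_expr!r}")
    field, value = m.groups()
    return obj.get(field) == value

def collection_of(ref):
    """'internal/role/abc' -> 'internal/role'."""
    return ref.rsplit("/", 1)[0]

def visible_edges(edges, privileges):
    """Keep an edge only if a privilege on its own resource path allows the target."""
    kept = []
    for edge in edges:
        path = collection_of(edge["_ref"])
        # A filter is evaluated only against edges from the same resource path,
        # so the internal/role filter never widens or narrows managed/role results.
        if any(p["path"] == path and matches(p.get("filter"), edge["target"])
               for p in privileges):
            kept.append(edge)
    return kept

# Constructed sample data mirroring the scenario (ids and role names are made up).
PRIVILEGES = [
    {"path": "managed/role"},
    {"path": "internal/role", "filter": "/name eq 'openidm-authorized'"},
]
PSMITH_AUTHZ_ROLES = [
    {"_ref": "managed/role/r1", "target": {"name": "example-managed-role"}},
    {"_ref": "internal/role/openidm-authorized", "target": {"name": "openidm-authorized"}},
    {"_ref": "internal/role/other", "target": {"name": "example-other-role"}},
]

def expected_refs():
    return [e["_ref"] for e in visible_edges(PSMITH_AUTHZ_ROLES, PRIVILEGES)]

if __name__ == "__main__":
    print(expected_refs())
```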