Prior to this change, the following two functional tests will fail:
Policy.Default Policy.Reauthentication Change Password.user_can_not_update_password_by_patch_without_reauth
Policy.Default Policy.Reauthentication Change Password.user_can_not_update_password_by_put_without_reauth
After this change, the org model failed to work, as the privilege manipulations performed by orgPrivileges.js were not returned to AugmentationScriptExecutor.java.
The AugmentationScriptExecutor will examine the results of augmentSecurityContext binding invocations, and harvest the returned values by incorporating them into the security context. Currently, orgPrivileges.js will return a Map with a privileges array including the appropriate org privileges reflecting the logged-in user's adminOfOrg and ownerOfOrg relationships. The customAuthz.js script will return the authorization map augmented to reflect protected attributes.
The yield of each of these invocations must be included in a single map, returned to to the AugmentationScriptExecutor. One solution is to write a 'wrapper' script which will make each of the invocations distinctly, merging the yield of each in a single map, which is then returned to the AugmentationScriptExecutor.