[OPENIDM-10696] Full attribute details not available to policies when creating role via relationship collection Created: 17/Apr/18 Updated: 25/Apr/18 Resolved: 25/Apr/18
|Component/s:||Module - Policy|
|Affects Version/s:||OpenIDM 5.0.0, OpenIDM 5.5.0|
|Reporter:||Tom Wood||Assignee:||Brendan Miller|
|Remaining Estimate:||Not Specified|
|Time Spent:||Not Specified|
|Original Estimate:||Not Specified|
When creating a relationship between two objects, any policy on the relationship itself does not have access to the child attributes (e.g. _refProperties) if the relationship is created directly against the relationship collection.
As an example, the UI performs the following when adding a role to a managed/user:
Which has the following content for the 'fullObject' within policy.js:
If adding the role directly to the user object:
Then the entire role object is available to the policy:
|Comment by Brendan Miller [ 25/Apr/18 ]|
1. This is not a bug - we've never implemented policy checks on relationship endpoints.
to the role or other related object.