-
Notifications
You must be signed in to change notification settings - Fork 591
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(unrestricted): load permissions for unrestricted roles (#500)
The unrestricted user can have associated roles via `UserRolesProvider.loadUnrestrictedRoles`, however this would always short-circuit evaluation of permissions for those roles. This resulted in the case where on the first authorization (`POST /roles/:userId`) the user would not have access to any resources that were granted solely via the unrestricted role. However in a subsequent authentication - the users permissions would get merged with an existing user entry and the unrestricted roles would show up as if they were directly granted to the user (due to thge way the `UserPermissions.merge` happens in the `RedisPermissionRepository`) and eventually the resources protected by unrestricted roles would show up.
- Loading branch information
1 parent
ab3a13a
commit 157872f
Showing
2 changed files
with
16 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters