Details
-
Bug
-
Status: Closed (View Workflow)
-
TBD
-
Resolution: Done
-
6.0.0
-
None
-
CP: sprint 130
-
2
-
Core: Platform
Description
When checking that permissions can be added for user (operating user), mod-permissions checks X-Okapi-Permissions header in the assumption this has all modulePermissions for the request.
It does not include them.. only the permission for the call itself. Fix this by looking at the
token instead which includes JSON payload property extra_permissions that includes all modulePermissions.
This can also be viewed as an Okapi error, although changing behavior should be done with care. So for now, changing mod-permissions to use existing infrastructure.
TestRail: Results
Attachments
Issue Links
- relates to
-
MODPERMS-157 Check assignment permissions for operating user
-
- Closed
-
-
MODPERMS-172 permission assign: lax operating user check
-
- Closed
-
-
MODPERMS-175 Improve diagnostics for operating check
-
- Closed
-
-
MSEARCH-267 Listening port configuration?
-
- Closed
-
-
FAT-1129 Cannot add mutable permission admins.lol-speak (mod-permissions karate test)
-
- Closed
-
-
MODPATRON-98 Module endpoint permission granting isn't working properly.
-
- Closed
-
-
OKAPI-1062 Add OkapiToken.getPayloadWithoutValidation
-
- Closed
-