Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Users with "System" role assigned via Keycloak receive empty permissions array in _self

Description

Summary: Users with the “System” role assigned via keycloak (e.g. admin, folio) receive an empty permissions.permissions array in the response from .../_self.

Expected results: Assigning the “System” role in keycloak grants all permissions. In the response from _self for a user with this role assigned, permissions.permissions will be populated with all available permissions.

Actual results: Assigning the “System” role in keycloak grants all permissions to make any API request (they all return 2xx), but the response from _self is an empty permissions.permissions array, causing UI components that inspect that data structure to believe the user has NOT been granted any permissions.

CSP Request Details

None

CSP Rejection Details

None

Potential Workaround

None

Checklist

hide

Activity

Show:

Zak Burke March 6, 2024 at 3:52 PM

This isn't so much "Won't do" as "Works as expected". The "System" role is an internal Keycloak role, not a FOLIO one, so FOLIO knows nothing about it and has no capabilities attached to it.

Won't Do

Details

Assignee

Reporter

Labels

Priority

Development Team

Eureka

RCA Group

TBD

TestRail: Cases

Open TestRail: Cases

TestRail: Runs

Open TestRail: Runs

Created March 6, 2024 at 3:05 PM
Updated March 14, 2024 at 12:18 PM
Resolved March 6, 2024 at 3:52 PM
TestRail: Cases
TestRail: Runs