Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Incosistent List API behavior #336

Open
nsklikas opened this issue Jun 24, 2024 · 1 comment
Open

Incosistent List API behavior #336

nsklikas opened this issue Jun 24, 2024 · 1 comment
Labels
bug Something isn't working

Comments

@nsklikas
Copy link
Contributor

The list APIs for kratos, oathkeeper and hydra resources (idps, schemas, clients, etc) list all available resources, as long as the user is logged in.

That is the intended behavior for openfga resources (roles, groups) as well, but that's not the case. It is easy to reproduce this by running the skaffold setup, creating a group and then calling the groups api unauthenticated. You will get only the global group back, eg
image

I think that the reason for this is that we use the openfga list API to list the roles and groups, which does not take into account the * relation.
@nsklikas nsklikas added the bug Something isn't working label Jun 24, 2024
@syncronize-issues-to-jira Syncronize issues to Jira
Copy link

Thank you for reporting us your feedback!

The internal ticket has been created: https://warthogs.atlassian.net/browse/IAM-932.

This message was autogenerated

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@nsklikas