Details
-
Type:
Bug
-
Status: Resolved
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 3.9
-
Component/s: None
-
Labels:None
-
Subscription:No subscription (community)
Description
A newer RAW OPERATION authorization was added to midPoint in version 3.7 ( https://wiki.evolveum.com/display/midPoint/Authorization+Configuration). It seems this authorization is required to run reports (or to execute the queries for these reports) for object types used in the report.
Per mailing list discussion, this is a bug since rawOperations should not be required for GUI operations other than working with XML configuration directly (http://lists.evolveum.com/pipermail/midpoint/2018-October/004987.html)
To reproduce, create user with limited authorizations (no rawOperation authorizations) and attempt to run a report).