Uploaded image for project: 'Red Hat build of Keycloak'
  1. Red Hat build of Keycloak
  2. RHBK-2973

Filtering not working when using view-member permission with a permission that denies access to a resource [GHI#38304]

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • False

      Before reporting an issue

      [x] I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.

      Area

      admin/fine-grained-permissions

      Describe the bug

      Filtering not working when using view-member permission with a permission that denies access to a resource

      Version

      999.0.0-SNAPSHOT

      Regression

      [ ] The issue is a regression

      Expected behavior

      Show members of a group but deny access to an individual resource

      Actual behavior

      The filter remove all users from the list

      How to Reproduce?

      • Create a Group resource type permission that grants access to view-members of a specific group
      • Create a User resource type permission that denies access to one of the members of the group
      • List users using some realm admin user that have the query-users role

      Anything else?

      No response

              Unassigned Unassigned
              pvlha Pavel Vlha
              Keycloak Core IAM
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: