new managed object read

This topic has 2 replies, 2 voices, and was last updated 2 years, 6 months ago by pinku.

Author

Posts
August 23, 2018 at 3:23 pm #22978
pinku
Participant
Hi,

I have created a new managed object called ‘entity’ and created one record for it.

I have created one new internal user(restReadAdmin) and one new internal role(readrole). restReadAdmin now has the only readrole role.

have mofified the access.js as below
{
“pattern” : “managed/entity”,
“roles” : “readrole”,
“methods” : “read”,
“actions” : “*”
}

Now when I try to get the managed object I get access denied as below

curl \
–insecure \
–header “X-OpenIDM-Username: restReadAdmin” \
–header “X-OpenIDM-password: [email protected]” \
–request GET \
‘https://localhost:8443/openidm/managed/entity/?_queryId=get-by-field-value&field=entityID&value=testentityID’

{“code”:403,”reason”:”Forbidden”,”message”:”Access denied”}

However, if I change the methods for read to * like below, it does return the record and works.
{
“pattern” : “managed/entity”,
“roles” : “readrole”,
“methods” : “*”,
“actions” : “*”
}

Any idea why it fails, it fails even if I give all the methods there, works only for *.
- This topic was modified 2 years, 6 months ago by pinku.
August 23, 2018 at 3:57 pm #22980

[email protected]
Participant

Does “all the methods” contain “query”?

I suppose methods should be “read,query”.

August 23, 2018 at 5:43 pm #22983

pinku
Participant

Thanks Patrick, awesome, that works.
Author

Posts

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

©2021 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.