Setting ACL to all doesn't remove acl list
baszoetekouw opened this issue · comments
When some entities are allowed in the ACL, the (new) REST api shows this:
calling
curl -u user:pass -H "Content-type: application/json" --data-binary '' -v -X GET https://serviceregistry.surfconext.nl/janus/app.php/api/connections/1995.json
gives
{
"allowAllEntities": false,
"allowedConnections": [
{
"id": 433,
"name": "https://vc.fontys-educatief.nl/simplesaml/module.php/saml/sp/metadata.php/default-sp"
},
{
"id": 580,
"name": "https://beehub.nl/system/simplesaml/module.php/saml/sp/metadata.php/BeeHub"
},
],
...
Now, when I set the ACL to Allow All (like
curl -u user:pass -H "Content-type: application/json" --data-binary '{ "allowAllEntities": true }' -v -X PUT https://serviceregistry.surfconext.nl/janus/app.php/api/connections/1995.json
), I expect Janus to set allowAllEntities to true and clear the allowedConnections list. The result, however, is this:
{
"allowAllEntities": true,
"allowedConnections": [
{
"id": 433,
"name": "https://vc.fontys-educatief.nl/simplesaml/module.php/saml/sp/metadata.php/default-sp"
},
{
"id": 580,
"name": "https://beehub.nl/system/simplesaml/module.php/saml/sp/metadata.php/BeeHub"
},
],
...
In the UI, this looks like this:
Which seems rather inconsistent.
I would expect this REST call to do the right thing and not to allow inconsistent data.
verified on test2