search

microsoft / dev-proxy

Dev Proxy is an API simulator that helps you effortlessly test your app beyond the happy path.
https://aka.ms/devproxy
MIT License
471 stars 56 forks source link

Bug: MinimalPermissionsGuidancePlugin reports incorrect unnecessary permissions #712

Closed waldekmastykarz closed 4 months ago

waldekmastykarz commented 4 months ago 
Evaluating delegated permissions for:
- GET /me

Minimal permissions:
User.Read
Permissions on the token:
AllSites.FullControl, AppCatalog.ReadWrite.All, AuditLog.Read.All, Bookings.Read.All, Calendars.Read, ChannelMember.ReadWrite.All, ChannelMessage.Read.All, ChannelMessage.Send, ChannelSettings.ReadWrite.All, Chat.Read, Chat.ReadWrite, Directory.AccessAsUser.All, Directory.ReadWrite.All, ExternalConnection.ReadWrite.All, ExternalItem.Read.All, ExternalItem.ReadWrite.All, Files.ReadWrite, Group.ReadWrite.All, IdentityProvider.ReadWrite.All, InformationProtectionPolicy.Read, Mail.Read.Shared, Mail.ReadWrite, Mail.Send, Notes.Read.All, OnlineMeetings.Read, OnlineMeetingTranscript.Read.All, openid, Place.Read.All, Policy.Read.All, profile, RecordsManagement.ReadWrite.All, Reports.Read.All, SecurityEvents.Read.All, ServiceHealth.Read.All, ServiceMessage.Read.All, ServiceMessageViewpoint.Write, Tasks.ReadWrite, Team.Create, TeamMember.ReadWrite.All, TeamsAppInstallation.ReadWriteForUser, TeamSettings.ReadWrite.All, TeamsTab.ReadWrite.All, TermStore.ReadWrite.All, User.Invite.All, User.Read, User.ReadWrite.All, email
  WARNING: The following permissions are unnecessary: AllSites.FullControl