Apply FLPs Only To Identities That Are Type Of `admin`

webiny / webiny-js

Open-source serverless enterprise CMS. Includes a headless CMS, page builder, form builder, and file manager. Easy to customize and expand. Deploys to AWS.

https://www.webiny.com

Other

7.29k stars 601 forks source link

Apply FLPs Only To Identities That Are Type Of `admin` #4082

Closed adrians5j closed 4 months ago

adrians5j commented 4 months ago

Changes

With this PR, we're ensuring FLPs are only being applied to identities of type admin, which was actually the intention with the initial scope of FLP.

What this ultimately resolves is FLP not allowing API keys access to folders which have at least one FLP rule attached to them.

How Has This Been Tested?

Added a Jest test.

Documentation

Changelog.