[IGN-8414] system.perspective.isAuthorized does not work as specified

The system.perspective.isAuthorized function does not work as specified.

When I set the isAllOf to False it does not return True , even through a path that matches the users security level exist in the list.

isAuthorized=system.perspective.isAuthorized(False,['Paarl', 'Paarl/A_01', 'Paarl/A_01/PC_01'])

Below is a user with the following security level.


Here the function works , isAuthorized returns 1.
image

When I change the users security level to one level less on the gateway, but keep the path list for the function the same.


It fails?
image

It seems to only check the most specific path in the list instead of all items in the list ,which is not what the documentation describes.

My current work around was to create a custom function to implement this check.

Hopefully this gets fixed soon.

That's interesting. I've verified this on our side and opened an internal ticket to address the issue. While it's unfortunate that it doesn't work in this scenario, the silver lining is that the result is a false negative instead of a false positive.

Any user granted security level Paarl/A_01/PC_01 is granted security levels Paarl/A_01 and Paarl by design. So when you make a call like this:

system.perspective.isAuthorized(False,['Paarl', 'Paarl/A_01', 'Paarl/A_01/PC_01'])

it simplifies to:

system.perspective.isAuthorized(False,['Paarl'])

system.perspective.isAuthorized does not currently perform this simplification for you, but it should in order to comply with the documented behavior and to just be nice to the user, so that is what Cody's ticket IGN-8414 will be all about.

In the meantime, you will have to manually simplify your arguments passed to the scripting function.

1 Like

Thank you for the update.

1 Like