mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-12-03 21:04:47 +00:00
Currently if a group is specified for an impersonated user, 'system:authenticated' is not added to the 'Groups' list inside the request context. This causes priority and fairness match to fail. The catch-all flow schema needs the user to be in the 'system:authenticated' or in the 'system:unauthenticated' group. An impersonated user with a specified group is in neither. As a general rule, if an impersonated user has passed authorization checks, we should consider him authenticated.
3.4 KiB
Executable File
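The group handling described in the commit message, as an added Go example; it is a simplified model, not code from the Kubernetes tree. The function names, the `dev-team` group and the assumption that the no-group case already received `system:authenticated` are illustrative.

```go
package main

import "fmt"

// Well-known group names quoted in the commit message.
const (
	allAuthenticated   = "system:authenticated"
	allUnauthenticated = "system:unauthenticated"
)

// matchesCatchAll models the subject check of the catch-all flow schema:
// the user must be in one of the two well-known groups.
func matchesCatchAll(groups []string) bool {
	for _, g := range groups {
		if g == allAuthenticated || g == allUnauthenticated {
			return true
		}
	}
	return false
}

// groupsBefore (hypothetical) models the reported behaviour: groups named in
// the impersonation request are used verbatim. Assumption: with no group
// specified, system:authenticated was already being added.
func groupsBefore(requested []string) []string {
	if len(requested) == 0 {
		return []string{allAuthenticated}
	}
	return append([]string(nil), requested...)
}

// groupsAfter (hypothetical) models the rule the message proposes: an
// impersonated user who passed authorization counts as authenticated,
// so the group is added unless a well-known group is already present.
func groupsAfter(requested []string) []string {
	out := append([]string(nil), requested...)
	if !matchesCatchAll(out) {
		out = append(out, allAuthenticated)
	}
	return out
}

func main() {
	requested := []string{"dev-team"} // constructed sample request
	before, after := groupsBefore(requested), groupsAfter(requested)
	fmt.Println("before:", before, "catch-all match:", matchesCatchAll(before))
	fmt.Println("after: ", after, "catch-all match:", matchesCatchAll(after))
}
```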