[midPoint-git] [Evolveum/midpoint] 94589a: Smart Integration: Fix AI permission bypass when s...
Michal Zelenčík
noreply at github.com
Tue May 5 11:50:59 CEST 2026
Branch: refs/heads/master
Home: https://github.com/Evolveum/midpoint
Commit: 94589aaaa4c382c5ca5a882a11c1d1e01ce4e9f5
https://github.com/Evolveum/midpoint/commit/94589aaaa4c382c5ca5a882a11c1d1e01ce4e9f5
Author: Michal Zelencik <michal.zelencik at evolveum.com>
Date: 2026-05-05 (Tue, 05 May 2026)
Changed paths:
M model/smart-impl/src/main/java/com/evolveum/midpoint/smart/impl/activities/correlationSuggestion/CorrelationSuggestionSchemaMatchingActivityRun.java
M model/smart-impl/src/main/java/com/evolveum/midpoint/smart/impl/activities/mappingSuggestion/MappingsSuggestionSchemaMatchingActivityRun.java
Log Message:
-----------
Smart Integration: Fix AI permission bypass when schema match is cached
When SCHEMA_ACCESS permission was not granted, the schema matching
activity runs would still silently reuse a previously computed
AI-generated schema match from cache. The permission check for
SCHEMA_ACCESS was placed after the cache early-return, making it
unreachable whenever a cached schema match existed.
This caused AI-curated attribute pairs to feed into mapping/correlation
suggestion generation even when the user explicitly unchecked the
SCHEMA_ACCESS permission in the confirmation dialog.
Signed-off-by: Michal Zelencik <michal.zelencik at evolveum.com>
To unsubscribe from these emails, change your notification settings at https://github.com/Evolveum/midpoint/settings/notifications
More information about the midPoint-svn
mailing list