Not possible to add external roles to an ACL through the admin UI


In 1.6.x it's possible to edit an ACL and add additional (previously unseen) roles without restriction.

In 2.x, this is no longer possible.

It is arguable that if there is a set of possible external roles, those should be surfaced through a RoleProvider which would retrieve role information from an external system on demand, although this may introduce performance issues in the UI if there's a very large number of external roles available (in our case, possibly in excess of 50K).


Greg Logan
September 9, 2016, 9:33 PM

The RoleProvider interface has a findRoles method, which allows for wildcard enabled queries. I think the provider(s) themselves should already support this, it's just a matter of wiring up the UI and its endpoints to support this.

Fixed and reviewed
Your pinned fields
Click on the next to a field label to start pinning.


Greg Logan


Stephen Marquard