Breaking changes
The fix of the scoped roles came with some drastic changes in the data structure of the roles and permissions. These changes break roles and permission on existing spaces (auth and roles/permissions dont work if an existing deployment is just updated to this version).
Since we are still in the MVP phase and not live yet there are only the following two ways to fix this:
create a new space (roles and permissions are correctly set up during space creation)
there will be an admin role with all permissions
additional roles can of course be created
give the users these roles in the scoped role format <configAreaId:roleId> in the auth provider
clean up existing space
delete all existing permissions and roles
trigger the following endpoint to create the permissions correctly (same process thats normally done during space creation) /{spaceId}/api/v1/permissions/create-missing
create fresh roles and give them to your users as in option 1
Features
Handling Configuration Items
...