Description
When role-based access control (RBAC) is active, the AuthorizedSubmodelRepository filters submodels and submodel elements based on the current permissions. However, the current implementation applies filtering before pagination, which leads to the following issues:
- Pages may appear empty, even though data exists beyond the current page — just not visible due to access restrictions.
- Cursor information from the decorated repository is not preserved, which can break proper paging behavior.
Example scenario
- A user requests:
GET /submodels?limit=5
- There are 20 submodels in total, but the user only has access to 1 of them.
- The RBAC logic filters the list to 1 submodel before pagination.
- Result: Only one submodel is returned, no correct cursor is provided, and further paging is no longer possible.
Expected behavior
- Pagination should be applied on the full data set returned by the decorated repository.
- RBAC filtering should happen after pagination.
- If the filtered result is too small, additional data should be fetched (refetch loop).
- The cursor from the original result set should always be passed through transparently.
Suggested fix
Refactor AuthorizedSubmodelRepository#getAllSubmodels(...) and getSubmodelElements(...) to use a pagination-aware authorization wrapper (similar to the one already used in the Submodel Service).
Reference implementation:
FilteringBasyxResourceFetcher
(used in basyx.submodelservice-feature-authorization)
This class refetches pages until the filtered result matches the requested limit or the decorated source is exhausted.
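The refetch loop described above, as an added example that is not BaSyx code: `Page`, `PageSource`, `FilteringPageFetcher` and the cursor model (cursor = key of the last item returned, source yields items strictly after it, null = exhausted) are assumptions standing in for the real repository types.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.function.Function;
import java.util.function.Predicate;
// Added example, not BaSyx code. Assumed cursor model: the cursor is the key of the last item
// returned, the source yields items strictly after that key, and null means "exhausted".
public final class FilteringPageFetcher<T> {
    private final PageSource<T> source;
    private final Predicate<T> isAuthorized;
    private final Function<T, String> keyOf;
    FilteringPageFetcher(PageSource<T> source, Predicate<T> isAuthorized, Function<T, String> keyOf) {
        this.source = source; this.isAuthorized = isAuthorized; this.keyOf = keyOf;
    }
    // Filter AFTER paging: keep pulling pages from the decorated source until `limit`
    // authorized items are collected or the source is exhausted (the refetch loop).
    Page<T> fetchAuthorized(int limit, String cursor) {
        List<T> result = new ArrayList<>();
        String next = cursor;
        while (true) {
            Page<T> page = source.fetch(limit, next);
            for (T item : page.items()) {
                if (!isAuthorized.test(item)) continue;
                result.add(item);
                // Stopped mid-page: the cursor must point at the last item handed out, not at
                // the end of the source page, or the remainder of this page would be skipped.
                if (result.size() == limit) return new Page<>(result, keyOf.apply(item));
            }
            next = page.cursor(); // pass the decorated source's cursor through unchanged
            if (next == null || page.items().isEmpty()) return new Page<>(result, next);
        }
    }
    // Scenario from the issue: 20 submodels, the caller may read only one of them, limit=5.
    public static void main(String[] args) {
        List<String> all = new ArrayList<>();
        for (int i = 1; i <= 20; i++) all.add("sm-" + i);
        PageSource<String> source = (limit, cursor) -> { // in-memory stand-in for the repository
            int start = cursor == null ? 0 : all.indexOf(cursor) + 1;
            int end = Math.min(start + limit, all.size());
            return new Page<>(all.subList(start, end), end < all.size() ? all.get(end - 1) : null);
        };
        var fetcher = new FilteringPageFetcher<String>(source, sm -> sm.equals("sm-17"), sm -> sm);
        System.out.println(fetcher.fetchAuthorized(5, null));
    }
}
record Page<T>(List<T> items, String cursor) {}
interface PageSource<T> { Page<T> fetch(int limit, String cursor); }
```

For the issue's scenario the wrapper walks all four source pages and hands back the single readable submodel together with a null cursor, so the client sees paging end cleanly instead of a first page that looks complete but cannot be continued.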
Additional notes
This bug may lead to unpredictable behavior in frontends using cursor-based paging, especially when large sets of inaccessible resources are present in the repository.