Some access control checks are made against the REST model

Description

There are places in our service model where access control decisions are made by calling hasAction() on instances on the EntityAccessControl REST model rather than the actual access controlled metadata domain model. It would be better if all access control checks were made against the same API, and the metadata domain is the real source of truth for access control state. This is especially problematic if we are checking REST model objects for access control that have been posted to Kylo (not sure if this is actually happening.)

This behavior also interferes with the new refactoring that delegates all checks to the AccessController component.

Environment

None

Status

Assignee

Unassigned

Reporter

Sean Felten

Labels

None

Reviewer

None

Story point estimate

None

Components

Fix versions

Affects versions

Priority

High
Configure