exists not working correctly with operation domain in v2.1.1?

[Atlinx]

I've updated Typetta from 2.0.0-10 to 2.1.1 and I'm getting the following error when querying for an entity:

{
  "message": "[Security Policy Middleware] Unauthorized access to restricted fields.",
  "locations": [
    {
      "line": 2,
      "column": 3
    }
  ],
  "path": [
    "securityContext"
  ],
  "extensions": {
    "code": "INTERNAL_SERVER_ERROR",
    "exception": {
      "allowedProjection": {
        "__typename": true,
        "avatarLink": true,
        "bannerLink": true,
        "createdAt": true,
        "updatedAt": true,
        "id": true,
        "username": true,
        "displayName": true,
        "projectMembers": true,
        "classYear": true,
        "roles": true,
        "socials": true,
        "bio": true,
        "eBoard": true
      },
      "requestedProjection": true,
      "unauthorizedProjection": true,
      "permissions": [],
      "operationDomains": [
        {
          "id": [
            "62c0076811b212adc8f4622f"
          ]
        }
      ],
      "stacktrace": [
        "Error: [Security Policy Middleware] Unauthorized access to restricted fields.",
        "    at before (c:backend\\node_modules\\@twinlogix\\typetta\\lib\\dal\\dao\\middlewares\\securityPolicy\\security.middleware.js:99:27)",
        "    at InMemoryUserDAO.executeBeforeMiddlewares (c:backend\\node_modules\\@twinlogix\\typetta\\lib\\dal\\dao\\dao.js:533:34)",
        "    at runMicrotasks (<anonymous>)",
        "    at processTicksAndRejections (node:internal/process/task_queues:96:5)",
        "    at async c:backend\\node_modules\\@twinlogix\\typetta\\lib\\dal\\dao\\dao.js:220:35",
        "    at async InMemoryUserDAO.logOperation (c:backend\\node_modules\\@twinlogix\\typetta\\lib\\dal\\dao\\dao.js:594:28)",
        "    at async getCompleteSecurityContext (c:backend\\dist\\controllers\\security.controller\\security-context.js:11:24)",
        "    at async Object.securityContext (c:backend\\dist\\graphql\\auth\\auth.resolvers.js:11:24)"
      ]
    }
  }
}

Here's the relevant bit of my security policy:

      user: {
        domain: {
          userId: 'id',
        },
        permissions: {
          READ_USER_PRIVATE: PERMISSION.READ_ONLY,
        },
        defaultPermissions: {
          read: {
            __typename: true,
            avatarLink: true,
            bannerLink: true,
            createdAt: true,
            updatedAt: true,
            id: true,
            username: true,
            displayName: true,
            projectMembers: true,
            classYear: true,
            roles: true,
            socials: true,
            bio: true,
            eBoard: true,
          },
        },
      },

I don't understand why unauthorizedProjection is true. I'm not accessing any fields that aren't allowed, therefore I shouldn't be getting any errors. Could this error have to do with the "deriving operation domain from filter" functionality?

[Atlinx]

Changing the EntityManager I used into an unsecured EntityManager fixed the problem for me. However, my code should theoretically run fine with a secured EntityManager. I noticed that the error occurs during an exists operation. Maybe the exists operation is incorrectly applying the operation domain?

[edobrb]

This was because the projection inferred by the exists operation is true. I fixed the bug and released version 2.1.2. As always thanks for reporting.