This raises an interesting question: What should the behavior be when a user submits a folder configuration with AuthorizationMatrixProperty, but doesn't include themselves in the permissions for Read/Configure? The listener was written for use with the UI (in which the sequence of steps prevents users from granting themselves permission), rather than the API. I think an argument can be made for both cases, so I plan to only address the specific reported issue here, rather than introduce a larger behavior change. |