Allow specifying owner even if that is given implicitly by role assignment
Once I was assigned the "Application Developer" Azure AD role I could no longer issue requests where I set myself as owner of a group when creating it. I consider this to be broken as implicit behavior based on role assignment affect the format of my requests to the Graph API!
Failing request:
{
"displayName": "My group",
"mailEnabled": false,
"mailNickname": "undefined",
"securityEnabled": true,
"owners@odata.bind": [
"<a rel="nofollow noreferrer" href="https://graph.microsoft.com/v1.0/users/">https://graph.microsoft.com/v1.0/users/</a><id of myself>"
]
}
Response:
{
"error": {
"code": "Request_BadRequest",
"message": "Request contains a property with duplicate values.",
"innerError": {
"request-id": "aae9881c-570e-4443-9ce7-a4ca87889d9e",
"date": "2019-10-02T13:06:59"
}
}
}
Successful request:
{
"displayName": "My group",
"mailEnabled": false,
"mailNickname": "undefined",
"securityEnabled": true
}
This time the group was created and I was set as owner anyway based on my "Application Developer" role.
