RBAC: Cannot set role-tag on /my/fabrics or descendants

[axisofentropy]

I'm not able to use HTTP PUT to update the role-tag on /my/fabrics or any of its descendants.

Reproduction setup, the usual environment variables and also:

function cloudapi() {
    local now=$(date -u '+%a, %d %h %Y %H:%M:%S GMT')
    local signature=$(echo -n "$now" | openssl dgst -sha256 -sign ~/.ssh/id_rsa | openssl enc -e -a | tr -d '\n')
    local url="$SDC_URL$1"
    shift
    curl --silent --insecure \
        --header 'Accept: application/json' \
        --header "accept-version: ~8" \
        --header "Date: $now" \
        --header "Authorization: Signature keyId=\"/$SDC_ACCOUNT/keys/id_rsa\",algorithm=\"rsa-sha256\" $signature" \
        "$@" "$url"
    echo
}

Make sure keyId matches your account's key name. You may need to create an example role too.

Expected output:

$ cloudapi /my/fabrics --request PUT --header "Content-Type: application/json" --data '{"role-tag": ["network-operator"]}'
{"name":"/$SDC_ACCOUNT/fabrics","role-tag":["network-operator"]}

Actual output:

$ cloudapi /my/fabrics --request PUT --header "Content-Type: application/json" --data '{"role-tag": ["network-operator"]}'
{"code":"ResourceNotFound","message":"fabrics is not a valid resource"}

$ cloudapi /my/fabrics/default --request PUT --header "Content-Type: application/json" --data '{"role-tag": ["network-operator"]}'
{"code":"ResourceNotFound","message":"fabrics is not a valid resource"}

$ cloudapi /my/fabrics/default/vlans --request PUT --header "Content-Type: application/json" --data '{"role-tag": ["network-operator"]}'
{"code":"MethodNotAllowedError","message":"PUT is not allowed"}

$ cloudapi /my/fabrics/default/vlans/2 --request PUT --header "Content-Type: application/json" --data '{"role-tag": ["network-operator"]}'
{"code":"InvalidArgument","message":"property \"role-tag\": unsupported property"}

This server is CloudAPI version 9.3.0, apologies if this is already fixed in a newer version. This may or may not be related to #30 .