Project

General

Profile

Actions

Bug #7337

closed

organizations UI does not filter resources to associate based upon RBAC

Added by Thomas McKay over 9 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Users, Roles and Permissions
Target version:
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

The list of resources to association with an organization or location, for example subnets, does not honor the user's RBAC permissions. For example, if a user has a filter to see only subnet S1 but there are other subnets S2 and S3, all three will be displayed instead of just S1.

Also related, however, is the fact that the UI sends up the list of subnets on form submit as a group. This means that if the above case is fixed so that the user only sees S1 in the list of choices, this will lead to them effectively remove S2 and S3 if another user had added those. The UI needs to be fixed to perform separate add and remove operations on individual IDs rather than blindly posting back what it believes to be the full set.


Related issues 3 (1 open2 closed)

Related to Foreman - Bug #6760: Models should ensure the authorization of associated objects before associating them to the modelNew07/23/2014Actions
Related to Foreman - Bug #7221: Edit organization displays associated resources for use w/o permissionsClosedThomas McKay08/21/2014Actions
Related to Foreman - Bug #11187: Taxonomy selectors are empty even for users with assign permissionsClosedMarek Hulán07/22/2015Actions
Actions #1

Updated by Thomas McKay over 9 years ago

  • Bugzilla link set to 1136910
Actions #2

Updated by Dominic Cleal over 9 years ago

  • Related to Bug #6760: Models should ensure the authorization of associated objects before associating them to the model added
Actions #3

Updated by Dominic Cleal over 9 years ago

  • Related to Bug #7221: Edit organization displays associated resources for use w/o permissions added
Actions #4

Updated by Dominic Cleal over 9 years ago

  • Category changed from Web Interface to Users, Roles and Permissions
Actions #5

Updated by Tomer Brisker about 9 years ago

  • Status changed from New to Assigned
  • Assignee set to Tomer Brisker
Actions #6

Updated by The Foreman Bot about 9 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/2225 added
  • Pull request deleted ()
Actions #7

Updated by Dominic Cleal almost 9 years ago

  • translation missing: en.field_release set to 35
Actions #8

Updated by Anonymous almost 9 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions #9

Updated by Marek Hulán over 8 years ago

  • Related to Bug #11187: Taxonomy selectors are empty even for users with assign permissions added
Actions

Also available in: Atom PDF