edit_hostgroups privilege not respecting filters placed on user account
Placing a filter on a user account that "Host Groups must be" and selecting only 1 group -- then placing the user in a role that only has edit_hostgroups and view_hostgroups privileges results in the user being able to view and edit all host groups.
Was unsure if this was a bug or should be a feature request until I saw that a user in this setup (with view and edit hosts) can only place a host in a host group that is within the filter. Drop down list for selecting the host group only contains groups selected with the above filter. But when in the Host Groups section, same user can see and edit all host groups.
Seen in version 0.4.2
#1 Updated by Roger Spencer about 11 years ago
Of course I messed up the title. Should be edit_hostgroups privilege, not edit_hosts.
Should have had my second cup of coffee first.
#2 Updated by Ohad Levy about 11 years ago
- Subject changed from edit_hosts not respecting filters placed on user account to edit_hostgroups privilege not respecting filters placed on user account
- Assignee set to Greg Sutcliffe
and another one? :)
#3 Updated by Greg Sutcliffe about 11 years ago
Partially confirmed on 0.4.2. The User can indeed see all Hostgroups, and can view the Edit page. However, attempts to Submit the page seem to fail.
In testing, I found that under this set up, the User couldn't actually Submit changes for Hostgroups that they are allowed to edit.
Re-testing on the develop branch, I can confirm this behaviour. Since it's permissions-based, I'll fix it and merge into my permissions pull-request, so don't merge that just yet :)
#4 Updated by Greg Sutcliffe about 11 years ago
- Status changed from New to Closed
- Target version set to 1.0
- % Done changed from 0 to 100
Applied in changeset 54358a76e4fc7355c51404f6888cb66600a27fdc.