Project

General

Profile

Bug #15276

Viewer role user can manage Content Views

Added by Zach Huntington-Meath over 4 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Category:
Users, Roles and Permissions
Target version:
Difficulty:
Triaged:
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1341656
Description of problem:
User with Viewer role assigned can create/update/publish/promote/remove Content Views, even the existing ones!!!

Version-Release number of selected component (if applicable):
6.2.0-Snap13.1

How reproducible:
always

Steps to Reproduce:
0. Prepare some content, some CVs under admin account
1. Create a user with just Viewer role assigned
2. Login as viewer user and navigate to Content -> Content Views
3. Have a "good play" with admin content

Actual results:
predefined role grants unexpected permissions

Expected results:
predefined role grants only expected permissions

Associated revisions

Revision 44c3e9e1 (diff)
Added by Zach Huntington-Meath over 4 years ago

Fixes #15276 - view permissions start with view

Revision 88d609e3 (diff)
Added by Zach Huntington-Meath over 4 years ago

Fixes #15276 - view permissions start with view

(cherry picked from commit 44c3e9e13fe51d6925989dd917cce3a310e7b826)

History

#1 Updated by The Foreman Bot over 4 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/3570 added

#2 Updated by Dominic Cleal over 4 years ago

  • Category set to Users, Roles and Permissions
  • Assignee set to Zach Huntington-Meath

#3 Updated by Marek Hulán over 4 years ago

  • Legacy Backlogs Release (now unused) set to 160

#4 Updated by Dominic Cleal over 4 years ago

  • Legacy Backlogs Release (now unused) changed from 160 to 161

Going to move this earlier if that's OK Marek, it looks like a valuable bug fix.

#5 Updated by Marek Hulán over 4 years ago

no objections, thanks

#6 Updated by Zach Huntington-Meath over 4 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

Also available in: Atom PDF