Project

General

Profile

Bug #16633

Auth source controllers uses wrong permissions

Added by Daniel Lobato Garcia about 2 years ago. Updated 2 months ago.

Status:
Closed
Priority:
Normal
Category:
Authorization
Target version:
Difficulty:
Triaged:
Bugzilla link:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

Non-admin users can only be assigned the 'view_authenticators' (or edit, etc...) permission.
However, the API and UI controllers do not take that into account, and use 'view_auth_source_ldaps' (and the rest).

The fix is simple, override `controller_permission` in the controllers to make sure users are checked against the right kind of permission.

Associated revisions

Revision 8cc04d55 (diff)
Added by Daniel Lobato Garcia almost 2 years ago

Fixes #16633 - AuthSourceLDAP uses *_authenticators filters

Prior to this, non-admin users who were granted *_authenticators
permissions were not able to use them, as the controllers were looking
for *_auth_source_ldaps permissions instead.

Revision 426bdbc9 (diff)
Added by Daniel Lobato Garcia almost 2 years ago

Fixes #16633 - AuthSourceLDAP uses *_authenticators filters

Prior to this, non-admin users who were granted *_authenticators
permissions were not able to use them, as the controllers were looking
for *_auth_source_ldaps permissions instead.

(cherry picked from commit 8cc04d55c2cbe27a5c5fbb74254102f9d9658149)

History

#1 Updated by The Foreman Bot about 2 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/3872 added

#2 Updated by Marek Hulán almost 2 years ago

  • Legacy Backlogs Release (now unused) set to 189

#3 Updated by Dominic Cleal almost 2 years ago

Would 1.13.1 be better? It looks like a low risk, but useful bug fix, with test coverage etc.

#4 Updated by Anonymous almost 2 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#5 Updated by Marek Hulán almost 2 years ago

  • Legacy Backlogs Release (now unused) changed from 189 to 190

Sounds good, moving.

Also available in: Atom PDF