Project

General

Profile

Actions
Copy link

Bug #18042

open

Host Compute Resource field does not honor view permissions

Added by Timo Goebel over 7 years ago. Updated over 7 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Host creation
Target version:
-
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
1.13.3
Red Hat JIRA:

Description

A user with limited view permissions for compute resources via scoped search can see eight compute resources + bare metal. The compute resources show page lists only three compute resources, which is the correct value.

Expected: The user would only see three compute resources in the select box when creating a new host.

Related issues 1 (0 open1 closed)

Related to Foreman - Feature #4477: Improve permissions on resources in host creation/editing formClosedTomer Brisker02/27/2014Actions
Actions
Copy link
 #2

Updated by Tomer Brisker over 7 years ago

  • Related to Feature #4477: Improve permissions on resources in host creation/editing form added
Actions
Copy link
 #3

Updated by Marek Hulán over 7 years ago

I'm not sure how this was supposed to work, it seems authorized call does not specify any permission https://github.com/theforeman/foreman/blob/develop/app/helpers/application_helper.rb#L458 to verify. Adding something like "view_#{...}" might help

Actions
Copy link

Also available in: Atom PDF