Project

General

Profile

Actions
Copy link

Bug #20006

open

User permissions for "Organization Selection"

Added by Josh Pavel almost 8 years ago. Updated 8 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
-
Difficulty:
easy
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

1.) Create a user account with rights to a specific org
2.) By default, user will login to "Any Org/Any Location"
3.) Try to access Katello resources (Content hosts, Products, Lifecycle, Activation Keys, etc.)
4.) Instead of the "Select an organization" page, user gets set to "/katello/403"

Workaround:
Users can first select their approved organization from the the top left drop down (requires education)
- alternatively -
Pin the users to their org upon login (doesn't work for LDAP IDs, which aren't "realized" until the user logs in the first time)

Expected behavior:
All users should have rights to the "select an organization" page; or better, if a user only has rights to a single org, they shouldn't have visibility to other orgs or the ability to pick another org.

Actions
Copy link
 #1

Updated by Justin Sherrill almost 8 years ago

  • Translation missing: en.field_release set to 114
  • Difficulty set to easy
Actions
Copy link
 #2

Updated by Ian Ballou 8 months ago

  • Target version deleted (Katello Backlog)
Actions
Copy link

Also available in: Atom PDF