Project

General

Profile

Bug #24850

Do not allow usergroup to be added to itself

Added by Ondřej Pražák over 4 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Category:
Users, Roles and Permissions
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

When editing a usergroup, it is possible to add it to itself and cause endless method call loop.

Steps to reproduce:
1) create a usergroup
2) edit that usergroup and add it to selected items (see the screenshot), submit
3) stack level too deep

edit-group.png View edit-group.png 23.1 KB Ondřej Pražák, 09/07/2018 11:54 AM
stack-error.png View stack-error.png 194 KB Ondřej Pražák, 09/07/2018 11:55 AM
Edit group Stack error

Related issues

Has duplicate Foreman - Bug #26360: Adding current usergroup to them self cause error Duplicate
Has duplicate Foreman - Bug #26575: Stack trace when adding/removing an user to a groupDuplicate

Associated revisions

Revision 37e90f72 (diff)
Added by Ondřej Pražák about 4 years ago

Fixes #24850 - Do not add usergroup to itself (#6054)

History

#1 Updated by Marek Hulán over 4 years ago

We used to have validation for that - https://github.com/theforeman/foreman/blob/ae96cb70130968bdcc8b7a9a9af7edc7c6e0d9a8/app/models/usergroup_member.rb#L25

Perhaps after some upgrade, before_validation stopped working?

#2 Updated by The Foreman Bot over 4 years ago

  • Assignee set to Ondřej Pražák
  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/6054 added

#3 Updated by Ondřej Pražák over 4 years ago

Marek Hulán wrote:

We used to have validation for that - https://github.com/theforeman/foreman/blob/ae96cb70130968bdcc8b7a9a9af7edc7c6e0d9a8/app/models/usergroup_member.rb#L25

Perhaps after some upgrade, before_validation stopped working?

That one works and detects cycles as expected when I have B inside A and try to add A into B. But it ignores case when I try to add A into A.

#4 Updated by Ondřej Pražák about 4 years ago

  • Has duplicate Bug #26360: Adding current usergroup to them self cause error added

#5 Updated by Marek Hulán about 4 years ago

  • Fixed in Releases 1.22.0 added

#6 Updated by Ondřej Pražák about 4 years ago

  • Status changed from Ready For Testing to Closed

#7 Updated by Tomer Brisker almost 4 years ago

  • Related to Bug #26575: Stack trace when adding/removing an user to a group added

#8 Updated by Tomer Brisker almost 4 years ago

  • Related to deleted (Bug #26575: Stack trace when adding/removing an user to a group)

#9 Updated by Tomer Brisker almost 4 years ago

  • Has duplicate Bug #26575: Stack trace when adding/removing an user to a group added

#10 Updated by Tomer Brisker over 2 years ago

  • Category changed from 218 to Users, Roles and Permissions

Also available in: Atom PDF