Actions
Bug #30387
closed
User can view bookmarks without assigning view_bookmarks permission in a role
Status:
Closed
Priority:
Normal
Assignee:
Category:
Users, Roles and Permissions
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Description
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1805740
Description of problem:
Non-admin user is able to view bookmarks without having view_bookmarks permissions.
Version-Release number of selected component (if applicable): Satellite 6.7
How reproducible: Always
Steps to Reproduce:
1. Create a user without any permission
2. Login to the satellite using the same user
3. Navigate to Administer -> Bookmarks.
4. User is able to view all bookmarks
Expected results: User should not able to view bookmarks without view_bookmarks permission
Updated by
Updated by The Foreman Bot over 4 years ago
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/7822 added
Updated by Tomer Brisker almost 4 years ago
Solution should be dropping view_bookmarks permission and allowing all users to view their own and global bookmarks
Updated by Tomer Brisker almost 4 years ago
- Category set to Users, Roles and Permissions
Updated by Tomer Brisker over 3 years ago
- Status changed from Ready For Testing to Assigned
- Assignee changed from Aditi Puntambekar to Tomer Brisker
- Pull request deleted (
https://github.com/theforeman/foreman/pull/7822)
Updated by The Foreman Bot over 3 years ago
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/8486 added
Updated by Tomer Brisker over 3 years ago
- Status changed from Ready For Testing to Closed
Applied in changeset foreman|81512f75ef77af6d30aaa0d6ef6e3b991b184c85.
Updated by Adam Ruzicka over 3 years ago
- Related to Bug #32873: Do not check bookmark permissions added
Actions