Bug #37531
open
Autocomplete feature for search shows content from forbidden organization for user
Description
In the current version of Foreman, the auto-complete feature for search-bars does not respect organizations.
Steps to Reproduce:
1. Create two organization (org-1, org-2)
2. Create a user for org-2 (User cannot see org-1)
3. On UI page "Hosts->AllHosts" or "Hosts->ContentHosts" page write an option e.g. "lifecycle_environment = " or "content_view = " in search field.
4. We get a list of content from both organization org-1 and org-2.
Actual results:
We get a list of content from both organization org-1 and org-2 if we choose one of the search options above mentioned
Expected results:
We should get only the list recommended content from users' organization (org-2 in this case)
Files
Updated by The Foreman Bot 12 months ago
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/10197 added
Updated by Thorben Denzer 11 months ago
· Edited
The created users may be given the administrator role.
Updated by Bernhard Suttner 7 months ago
- File clipboard-202410222108-pafkd.png clipboard-202410222108-pafkd.pngclipboard-202410222108-pafkd.png added
Still possible on the new All Hosts Page: