Feature #4477
closed
Improve permissions on resources in host creation/editing form
Description
We can limit resources that are displayed to the user in host form using new granular permission. Or we could allow resources based on used hostgroup.
Updated by Marek Hulán over 10 years ago
- Related to Feature #812: cant assign roles to groups, just to users added
Updated by Dominic Cleal over 10 years ago
The same applies to other resources like domains, subnets and realms which have associated smart proxies. In theory we can use .authorized and only show the proxies on the form which the user has access to, but in practice this means a user who has edit permissions on a domain but no rights to view the associated smart proxies might inadvertently unset or change the associated proxy.
Our forms need to be smarter about associations to other resources that the user doesn't have access to.
Updated by Dominic Cleal over 10 years ago
- Related to Feature #1652: Fix privacy for puppetclasses. added
Updated by Dominic Cleal over 10 years ago
- Has duplicate Bug #6470: Hostgroup selection box does not honor create_hosts filter added
Updated by Dominic Cleal over 10 years ago
- Related to Bug #6226: if only one option for required field on new host page (ex. installation media), then automatically select it added
Updated by
Updated by Dominic Cleal over 10 years ago
- Related to Bug #6760: Models should ensure the authorization of associated objects before associating them to the model added
Updated by Anonymous over 10 years ago
- Related to Bug #1875: user restricted to compute resource(s) can create baremetal hosts added
Updated by Anonymous over 10 years ago
- Status changed from New to Assigned
- Target version set to 1.7.5
- Assignee set to Anonymous
Updated by Anonymous over 10 years ago
- Target version changed from 1.7.5 to 1.7.4
Updated by Dominic Cleal about 10 years ago
- Related to Feature #7289: ACL who can add a host to hostgroup. added
Updated by Roy Williams over 9 years ago
Once a host group is created it is not possible to change puppet classes from within the host group once hosts are associated to it. However it is possible to associate puppet classes from the Configure -> Puppet -> Puppet Classes tab and check box them so they will work. The other issue is it's not possible to populate parameter overrides since I receive the error "Validation failed: Taxonomy has already been taken"
Updated by Marek Hulán over 9 years ago
This does not seem related to this authorization issue. Please open a separate issue unless there's an existing one for the issue you have.
Edit (domcleal): #13620
Updated by The Foreman Bot over 8 years ago
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/3369 added
Updated by Tomer Brisker over 8 years ago
- Has duplicate Bug #14248: Unable to control where users can build hosts added
Updated by Tomer Brisker over 8 years ago
- Bugzilla link changed from 1118312 to 1293716
- Assignee changed from Anonymous to Tomer Brisker
Updated by Anonymous over 8 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset a4d69f8c15495ca8e9595f0f1503174e888f30b9.
Updated by Dominic Cleal over 8 years ago
- Translation missing: en.field_release set to 160
Updated by Tomer Brisker almost 8 years ago
- Related to Bug #18042: Host Compute Resource field does not honor view permissions added