Bug #7221
closed
Edit organization displays associated resources for use w/o permissions
Description
A user with the below permissions can incorrectly see the following on an organization edit page. Note that because the tabs are displayed the list of resources available in each are also displayed. This implies that the choices are not being reduce to show only those available to a specific user.
What I mean is that if user A has a filter that allowed them to only see "Alterator default" Template, then the list should contain only that template. It is my guess that this is not the case. Maybe worth a separate bug but suspect it is all related.
If no permission for resource at all, do not render tab at all.
For limited permissions, display only those resources that are accessible.
Smart Proxies
Subnets
Compute Resources
Media
Templates
Domains
Realms
Environments
Host Groups
Locations
Parameters
Name,Count,Resource,Search,Permissions,Organizations,Locations SAM Administrator,1,Katello::ActivationKey,"","view_activation_keys,create_activation_keys,edit_activation_keys,destroy_activation_keys",,"" SAM Administrator,1,Katello::System,"","view_content_hosts,create_content_hosts,edit_content_hosts,destroy_content_hosts",,"" SAM Administrator,1,Katello::ContentView,"",view_content_views,,"" SAM Administrator,1,Katello::HostCollection,"","view_host_collections,create_host_collections,edit_host_collections,destroy_host_collections",,"" SAM Administrator,1,Katello::KTEnvironment,"",view_lifecycle_environments,,"" SAM Administrator,1,Katello::Product,"","view_products,sync_products",,"" SAM Administrator,1,Organization,"","view_organizations,create_organizations,edit_organizations,destroy_organizations,assign_organizations,view_subscriptions,attach_subscriptions,unattach_subscriptions,import_manifest,delete_manifest",,"" SAM Administrator,1,Role,"","view_roles,create_roles,edit_roles,destroy_roles",,"" SAM Administrator,1,Filter,"","view_filters,create_filters,edit_filters,destroy_filters",,"" SAM Administrator,1,User,"","view_users,create_users,edit_users,destroy_users",,"" SAM Administrator,1,Usergroup,"","view_usergroups,create_usergroups,edit_usergroups,destroy_usergroups",,""
Updated by Dominic Cleal over 10 years ago
- Related to Bug #6760: Models should ensure the authorization of associated objects before associating them to the model added
Updated by Dominic Cleal over 10 years ago
- Category changed from Web Interface to Users, Roles and Permissions
Updated by The Foreman Bot over 10 years ago
- Status changed from New to Ready For Testing
- Target version set to 1.7.4
- Pull request https://github.com/theforeman/foreman/pull/1731 added
- Pull request deleted (
)
Updated by Dominic Cleal over 10 years ago
- Related to Bug #7337: organizations UI does not filter resources to associate based upon RBAC added
Updated by Dominic Cleal over 10 years ago
- Related to Bug #7335: organizations UI "All users" toggle not checking permissions for being displayed added
Updated by Anonymous
Updated by Thomas McKay over 10 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100