Project

General

Profile

Bug #7337

organizations UI does not filter resources to associate based upon RBAC

Added by Thomas McKay over 5 years ago. Updated over 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Authorization
Target version:
Difficulty:
Triaged:
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

The list of resources to association with an organization or location, for example subnets, does not honor the user's RBAC permissions. For example, if a user has a filter to see only subnet S1 but there are other subnets S2 and S3, all three will be displayed instead of just S1.

Also related, however, is the fact that the UI sends up the list of subnets on form submit as a group. This means that if the above case is fixed so that the user only sees S1 in the list of choices, this will lead to them effectively remove S2 and S3 if another user had added those. The UI needs to be fixed to perform separate add and remove operations on individual IDs rather than blindly posting back what it believes to be the full set.


Related issues

Related to Foreman - Bug #6760: Models should ensure the authorization of associated objects before associating them to the modelNew2014-07-23
Related to Foreman - Bug #7221: Edit organization displays associated resources for use w/o permissionsClosed2014-08-21
Related to Foreman - Bug #11187: Taxonomy selectors are empty even for users with assign permissionsClosed2015-07-22

Associated revisions

Revision 887e2fd9 (diff)
Added by Tomer Brisker almost 5 years ago

Fixes #7337 - Only list authorized items on multiple select

History

#1 Updated by Thomas McKay over 5 years ago

  • Bugzilla link set to 1136910

#2 Updated by Dominic Cleal over 5 years ago

  • Related to Bug #6760: Models should ensure the authorization of associated objects before associating them to the model added

#3 Updated by Dominic Cleal over 5 years ago

  • Related to Bug #7221: Edit organization displays associated resources for use w/o permissions added

#4 Updated by Dominic Cleal over 5 years ago

  • Category changed from Web Interface to Authorization

#5 Updated by Tomer Brisker almost 5 years ago

  • Status changed from New to Assigned
  • Assignee set to Tomer Brisker

#6 Updated by The Foreman Bot almost 5 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/2225 added
  • Pull request deleted ()

#7 Updated by Dominic Cleal almost 5 years ago

  • Legacy Backlogs Release (now unused) set to 35

#8 Updated by Anonymous almost 5 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#9 Updated by Marek Hulán over 4 years ago

  • Related to Bug #11187: Taxonomy selectors are empty even for users with assign permissions added

Also available in: Atom PDF