Bug #13828
Updated by Ohad Levy almost 9 years ago
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1192414 Description of problem: Unprivileged user can see Administer -> Bookmarks Version-Release number of selected component (if applicable): Satellite-6.1.0-RHEL-6-20150210.0-Satellite-x86_64 How reproducible: always Steps to Reproduce: 1. Login with admin user 2. Switch to "Any context" and create user without any location, org and role 3. Logout with admin user and login with newly created user Actual results: The unprivileged user can access Administer -> Bookmarks. He can not get details about these bookmarks, details about these bookmarks, but see them. Other items user can see - but I do consider them OK: * org/loc switcher which is basically empty and without links to manage org/loc * Monitor with only sub-item Tasks and that page is empty - this probably makes sense as maybe it might happen the unprivileged user have some tasks running (?) * Red Hat Access menu (upper right corner of the page) with "Search", "My Cases" and "Open New Case" which probably makes sense Expected results: IMO whole "Administer" menu should be hidden in this case. Additional info: Noticed while testing bug 1112182