Bug 1000551

Summary: RFE: provide more fine grained bundle permissions
Product: [Other] RHQ Project Reporter: Larry O'Leary <loleary>
Component: ProvisioningAssignee: Jay Shaughnessy <jshaughn>
Status: CLOSED CURRENTRELEASE QA Contact: Mike Foley <mfoley>
Severity: high Docs Contact:
Priority: urgent    
Version: 4.8CC: hrupp, mazz
Target Milestone: ---   
Target Release: RHQ 4.9   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: PM-222, PRODMGT-222 Environment:
Last Closed: 2014-03-26 08:30:56 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 988553    

Description Larry O'Leary 2013-08-23 16:02:50 UTC
This is an RFE for submitted from JBoss ON product.

+++ This bug was initially created as a clone of Bug #988553 +++

Need to provide more fine-grained permissions for the bundle subsystem.

Right now we have a all-or-nothing "MANAGE_BUNDLE" permission. We want to provide a better security model.

See https://docs.jboss.org/author/display/RHQ/Bundle+Permissions for the design that we will implement.

--- Additional comment from John Mazzitelli on 2013-07-25 16:02:03 EDT ---



--- Additional comment from JBoss JIRA Server on 2013-07-26 10:08:24 EDT ---

jay shaughnessy <jshaughn> made a comment on jira PRODMGT-222

Charles, Larry,

This is just to let you know that the design has been tweaked slightly since the customer review.  The wiki page is updated with the addition of CREATE and DELETE permissions at the bundle group level.  This covers more use cases.  It also does not affect the original proposal in that if these perms are not used everything else remains unchanged.

Comment 1 Jay Shaughnessy 2013-09-10 15:13:51 UTC
This work is done.  The 4.9 solution is documented in the wiki:

https://docs.jboss.org/author/display/RHQ/Security+Model+for+Bundle+Provisioning

Comment 2 Heiko W. Rupp 2014-03-26 08:30:56 UTC
Bulk closing now that 4.10 is out.

If you think an issue is not resolved, please open a new BZ and link to the existing one.