Bug 1112750
| Summary: | menu item "Hosts --> All hosts" is visible to normal user without any permission | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Satellite | Reporter: | Dominic Cleal <dcleal> | ||||
| Component: | Users & Roles | Assignee: | Daniel Lobato Garcia <dlobatog> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | sthirugn <sthirugn> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 6.0.3 | CC: | bbuckingham, bkearney, cwelton, jmontleo, sghai, sthirugn | ||||
| Target Milestone: | Unspecified | Keywords: | Triaged | ||||
| Target Release: | Unused | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| URL: | http://projects.theforeman.org/issues/6361 | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | 1112182 | Environment: | |||||
| Last Closed: | 2014-09-11 12:19:44 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
|
Description
Dominic Cleal
2014-06-24 15:45:08 UTC
Created redmine issue http://projects.theforeman.org/issues/6361 from this bug Not really "any permission", but all users automatically get the "Anonymous" role added. By default the anonymous role grants an unlimited view_hosts permission, which IMHO should be removed. https://github.com/theforeman/foreman/pull/1549 is ready for testing Moving to POST since upstream bug http://projects.theforeman.org/issues/6361 has been closed ------------- Daniel Lobato Garcia https://github.com/theforeman/foreman/pull/1549 Verified. (see screenshot) Version Tested: GA Snap 4 - Satellite-6.0.4-RHEL-6-20140806.0 * apr-util-ldap-1.3.9-3.el6_0.1.x86_64 * candlepin-0.9.19-1.el6_5.noarch * candlepin-scl-1-5.el6_4.noarch * candlepin-scl-quartz-2.1.5-5.el6_4.noarch * candlepin-scl-rhino-1.7R3-1.el6_4.noarch * candlepin-scl-runtime-1-5.el6_4.noarch * candlepin-selinux-0.9.19-1.el6_5.noarch * candlepin-tomcat6-0.9.19-1.el6_5.noarch * elasticsearch-0.90.10-4.el6sat.noarch * foreman-1.6.0.38-1.el6sat.noarch * foreman-compute-1.6.0.38-1.el6sat.noarch * foreman-gce-1.6.0.38-1.el6sat.noarch * foreman-libvirt-1.6.0.38-1.el6sat.noarch * foreman-ovirt-1.6.0.38-1.el6sat.noarch * foreman-postgresql-1.6.0.38-1.el6sat.noarch * foreman-proxy-1.6.0.23-1.el6sat.noarch * foreman-selinux-1.6.0.4-1.el6sat.noarch * foreman-vmware-1.6.0.38-1.el6sat.noarch * katello-1.5.0-28.el6sat.noarch * katello-ca-1.0-1.noarch * katello-certs-tools-1.5.6-1.el6sat.noarch * katello-installer-0.0.57-1.el6sat.noarch * openldap-2.4.23-34.el6_5.1.x86_64 * pulp-katello-0.3-3.el6sat.noarch * pulp-nodes-common-2.4.0-0.30.beta.el6sat.noarch * pulp-nodes-parent-2.4.0-0.30.beta.el6sat.noarch * pulp-puppet-plugins-2.4.0-0.30.beta.el6sat.noarch * pulp-puppet-tools-2.4.0-0.30.beta.el6sat.noarch * pulp-rpm-plugins-2.4.0-0.30.beta.el6sat.noarch * pulp-selinux-2.4.0-0.30.beta.el6sat.noarch * pulp-server-2.4.0-0.30.beta.el6sat.noarch * python-ldap-2.3.10-1.el6.x86_64 * ruby193-rubygem-net-ldap-0.3.1-3.el6sat.noarch * ruby193-rubygem-runcible-1.1.0-2.el6sat.noarch * sssd-ldap-1.11.5.1-3.el6.x86_64 Created attachment 925298 [details]
permission denied accessing hosts
This was delivered with Satellite 6.0 which was released on 10 September 2014. |