Bug 1274722

Summary: Tenant admin has permissions to create new tenant outside tenant where he belongs to
Product: Red Hat CloudForms Management Engine Reporter: Pavol Kotvan <pakotvan>
Component: UI - OPSAssignee: Dan Clarizio <dclarizi>
Status: CLOSED WONTFIX QA Contact: Pavol Kotvan <pakotvan>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 5.5.0CC: bascar, hkataria, jhardy, mpovolny, obarenbo
Target Milestone: GA   
Target Release: cfme-future   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: tenant_cfme:rbac
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-08-21 13:07:41 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: Bug
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Pavol Kotvan 2015-10-23 12:50:28 UTC 
Description of problem:
Tenant administrator can create tenant outside tenant where he belongs to. This is not right, he must have admin rights within his tenant only.

Version-Release number of selected component (if applicable):
5.5.0.6-beta1.2.20151014155446_ed40d96 

How reproducible:
always

Steps to Reproduce:
1. Create new tenant
2. Create new tenant admin role by copying EvmRole-tenant_administrator role
3. Create new tenant admin group and assign tenant and role created in previous steps
4. Create tenant admin and assign him just created group
5. Login as tenant admin and Navigate to Configuration -> Access control -> Tenants -> My company -> Configuration -> Add child tenant to this tenant

Actual results:
Tenant admin is able to create another tenant outside of tenant where he is administrator.

Expected results:
Tenant admin is able to create new child tenant only in tenants where he belongs.

Additional info:
Comment 2 Dave Johnson 2015-11-06 22:11:37 UTC 
Brad, can you weigh here on if this is valid and what the priority should be set too, thx!
Comment 5 Chris Pelland 2017-08-21 13:07:41 UTC 
This bug has been open for more than a year and is assigned to an older release of CloudForms. 

If you would like to keep this Bugzilla open and if the issue is still present in the latest version of the product, please file a new Bugzilla which will be added and assigned to the latest release of CloudForms.
Comment 6 Chris Pelland 2017-08-21 13:09:57 UTC 
This bug has been open for more than a year and is assigned to an older release of CloudForms. 

If you would like to keep this Bugzilla open and if the issue is still present in the latest version of the product, please file a new Bugzilla which will be added and assigned to the latest release of CloudForms.