New installation EAP 6.4.8, set up domain mode and necessary security realm, ManagementRealm
Enable RBAC
/core-service=management/access=authorization:write-attribute(name=provider,value=rbac)
Add scoped role:
/core-service=management/access=authorization/server-group-scoped-role=DeployerIntegration:add(base-role=Administrator,server-groups=[main-server-group])
/core-service=management/access=authorization/role-mapping=DeployerIntegration:add()
/core-service=management/access=authorization/role-mapping=DeployerIntegration/include=user1:add(name=user1,realm=ManagementRealm,type=USER)
User1 added above cannot edit the system properties of the server group on the group configuration page via admin console, the "add" and "remove" button are not visible to the user.
I have tested EAP 6.4.0, EAP 6.4.8, Wildfly 10 and EAP 7, the bug only exist in EAP 6.4.x.
Comment 2JBoss JIRA Server
2016-06-21 10:15:20 UTC
Martin Šmérek <msmerek> updated the status of jira HAL-1125 to Coding In Progress
Comment 3JBoss JIRA Server
2016-06-23 10:15:58 UTC
Martin Šmérek <msmerek> updated the status of jira JBEAP-5065 to Coding In Progress