Bug 1413123

Summary: Tenant admin can create a super admin
Product: Red Hat CloudForms Management Engine Reporter: Satoe Imaishi <simaishi>
Component: UI - OPSAssignee: Šimon Lukašík <slukasik>
Status: CLOSED ERRATA QA Contact: Matouš Mojžíš <mmojzis>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 5.7.0CC: hkataria, jhardy, mmojzis, mpovolny, obarenbo
Target Milestone: GAKeywords: ZStream
Target Release: 5.7.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 5.7.1.0 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1412450 Environment:
Last Closed: 2017-02-27 19:22:41 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1412450    
Bug Blocks:    

Comment 2 CFME Bot 2017-01-13 17:10:49 UTC 
New commit detected on ManageIQ/manageiq/euwe:
https://github.com/ManageIQ/manageiq/commit/5e789d33274f4797951dc1b49eef23c804fd4642

commit 5e789d33274f4797951dc1b49eef23c804fd4642
Author:     Martin Povolny <mpovolny>
AuthorDate: Wed Jan 11 14:23:02 2017 +0100
Commit:     Satoe Imaishi <simaishi>
CommitDate: Fri Jan 13 12:06:10 2017 -0500

    Merge pull request #127 from isimluk/92-with-specs
    
    Fix for #13291, Tenant admin can escalate rights
    (cherry picked from commit c6b67f5ea38c81f63ba863138ed35349810091c4)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1413123

 app/controllers/ops_controller/ops_rbac.rb | 7 +++++--
 spec/controllers/ops_controller_spec.rb    | 5 +++--
 2 files changed, 8 insertions(+), 4 deletions(-)
Comment 7 errata-xmlrpc 2017-02-27 19:22:41 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2017-0320.html