Bug 1694868
Summary: | Non-Admin user can see All Remote Execution Jobs initiated by other users | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Satellite | Reporter: | Shekhar Raut <sraut> | ||||
Component: | Remote Execution | Assignee: | Leos Stejskal <lstejska> | ||||
Status: | CLOSED ERRATA | QA Contact: | Peter Ondrejka <pondrejk> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | high | ||||||
Version: | 6.4 | CC: | agadhave, ahumbe, aruzicka, egolov, inecas, lstejska | ||||
Target Milestone: | 6.9.0 | Keywords: | Triaged | ||||
Target Release: | Unused | ||||||
Hardware: | Unspecified | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | tfm-rubygem-foreman_remote_execution-4.0.0 | Doc Type: | If docs needed, set a value | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2021-04-21 13:11:45 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Shekhar Raut
2019-04-01 21:41:54 UTC
Created redmine issue https://projects.theforeman.org/issues/27988 from this bug Moving this bug to POST for triage into Satellite since the upstream issue https://projects.theforeman.org/issues/27988 has been resolved. Tested on Satellite 6.9 snap 1 using the permission list from the problem description, the user can still see job invocations from other users. Reproduction machine available upon request The problem is in Role filter settings. Limiting job invocations to current user works only when "Job invocations > view_job_invocations" permission have search filter set to "user = current_user". Created attachment 1733302 [details]
filter set used for verification
Using additional filter from comment 7 just for the view permission the limitation works as expected, only user's invocations are listed, invocation creation remains unhampered. Verified on Satellite 6.9 snap 2 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: Satellite 6.9 Release), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:1313 |