Bug 784988
Summary: | JON 3.0.1 RC#1 CLI permissions with users other than rhqadmin | ||
---|---|---|---|
Product: | [Other] RHQ Project | Reporter: | Mike Foley <mfoley> |
Component: | CLI | Assignee: | Ian Springer <ian.springer> |
Status: | CLOSED NOTABUG | QA Contact: | Mike Foley <mfoley> |
Severity: | medium | Docs Contact: | |
Priority: | high | ||
Version: | 3.0.1 | CC: | ccrouch, hrupp, ian.springer |
Target Milestone: | --- | ||
Target Release: | JON 3.0.1 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-02-01 16:11:08 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 782579 |
Description
Mike Foley
2012-01-26 20:41:58 UTC
12/30/2012 BZ triage meeting mfoley, ccrouch, loleary, asantos I think you might be confusing the INVENTORY-read Resource permission with the MANAGE_INVENTORY global permission. INVENTORY-read is the permission that is always implied. However, since it is a Resource permission, it only applies to the set of Resources that are members of one or more of the groups associated with the role. For example, for the user to view Resource 10034 (assuming the user did not have MANAGE_INVENTORY or MANAGE_SECURITY), that Resource would have to be in one of that user's role's groups. |