Bug 789534
Summary: | User with read-everything role can (permanently?) delete system notifications | ||
---|---|---|---|
Product: | Red Hat Satellite | Reporter: | Corey Welton <cwelton> |
Component: | WebUI | Assignee: | Partha Aji <paji> |
Status: | CLOSED NOTABUG | QA Contact: | Katello QA List <katello-qa-list> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 6.0.0 | CC: | mmccune |
Target Milestone: | Unspecified | Keywords: | Triaged |
Target Release: | Unused | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-02-21 18:38:56 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 747354 |
Description
Corey Welton
2012-02-11 03:04:00 UTC
+1 to getting rid of the Delete All if the user doesn't have the rights to delete stuff I would argue this is indeed the desired behaviour. Notifications showing up under http://<fqdn>/katello/notices are custom to a user and hence deletable by the user. This behavior is similar to the user being able to edit his/her preferences (even if they do not have any privileges to edit anything). I'm fine with the explanation above. QA Closing. |