Bug 1010665 - RBAC: CRUD operations over Server Groups should not be allowed for Group Scoped Roles
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Web Console
Version: 6.2.0
Hardware: Unspecified
OS: Unspecified
Priority: urgent
Severity: urgent
Target Milestone: ER7
Assignee: Harald Pehl
QA Contact: Jakub Cechacek
Docs Contact: Russell Dickenson
Reported: 2013-09-22 10:58 UTC by Jakub Cechacek
Modified: 2015-02-01 23:00 UTC (History)
Doc Type: Known Issue
Last Closed: 2013-12-15 16:18:15 UTC
Type: Bug


Links
System: Red Hat Issue Tracker
ID: HAL-216
Private: 0
Priority: Major
Status: Resolved
Summary: CRUD operations over Server Groups should not be allowed for Group Scoped Roles
Last Updated: 2016-12-14 19:47:57 UTC

Description Jakub Cechacek 2013-09-22 10:58:04 UTC
Group Scoped Maintainers / Administrators don't have permissions to create / delete server groups. Thus control elements should not be displayed to them. 

An attempt to create a new group as such a role leads to the error message "Failed to add TestGroup"

Comment 1 JBoss JIRA Server 2013-10-02 08:55:09 UTC
Heiko Braun <ike.braun> updated the status of jira HAL-216 to Resolved

Comment 2 JBoss JIRA Server 2013-10-02 08:55:09 UTC
Heiko Braun <ike.braun> made a comment on jira HAL-216

Duplicates HAL-236

Comment 3 JBoss JIRA Server 2013-10-02 08:55:26 UTC
Heiko Braun <ike.braun> updated the status of jira HAL-216 to Reopened

Comment 4 JBoss JIRA Server 2013-10-09 07:22:10 UTC
Heiko Braun <ike.braun> made a comment on jira HAL-216

It seems the recent changes to the resource model prevent the former use cases. Now it's not possible anymore to add servers as a scoped role or modify an existing group within the role's scope.

Comment 5 JBoss JIRA Server 2013-10-09 07:27:28 UTC
Heiko Braun <ike.braun> made a comment on jira HAL-216

Same role configuration did grant access to modify the server groups and servers in 6.2.ER3

Comment 6 JBoss JIRA Server 2013-10-12 20:50:14 UTC
Brian Stansberry <brian.stansberry> made a comment on jira HAL-216

I don't experience problems doing things with the console against master. I'll see if there are problems with the EAP branch.

There are some commits in master that aren't in EAP yet, but AFAIK it's just stuff that I didn't port back because of the concerns raised here and on the related JIRAs.

Comment 8 JBoss JIRA Server 2013-10-14 18:50:48 UTC
Heiko Braun <ike.braun> made a comment on jira HAL-216

To prevent total confusion I have moved the related issue to https://issues.jboss.org/browse/HAL-276 and will be closing this one.

Comment 9 JBoss JIRA Server 2013-10-14 18:50:56 UTC
Heiko Braun <ike.braun> updated the status of jira HAL-216 to Resolved

Comment 10 Jakub Cechacek 2013-11-05 12:43:01 UTC
Verified 6.2.0.ER7

