Bug 1012579 - RBAC: Administrator should be prevented from modifying super user and auditor roles.
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Domain Management
Version: unspecified
Hardware: Unspecified
OS: Unspecified
Target Milestone: ER4
Target Release: EAP 6.2.0
Assignee: Darran Lofthouse
QA Contact: Ladislav Thon
Russell Dickenson
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2013-09-26 16:36 UTC by Darran Lofthouse
Modified: 2013-12-15 16:23 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-12-15 16:23:31 UTC
Type: Bug

Links
System | ID | Priority | Status | Summary | Last Updated
Red Hat Issue Tracker | WFLY-2087 | Critical | Resolved | Administrator should be prevented from modifying super user and auditor roles. | 2016-02-15 17:06:21 UTC

Description Darran Lofthouse 2013-09-26 16:36:01 UTC
Description of problem:

The SuperUser role has the ability to do absolutely anything and the Auditor role has full control of what audit logging occurs - for this reason the Administrator should not be able to modify either of these roles as they could effectively add themselves.
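
The reasoning in the description can be checked mechanically. The following is an added example, not part of the original report and not JBoss EAP code: a toy model in which only the role names come from the report, while the permission tables and the functions `restrict`, `reachable_roles` and `escalations` are assumptions made for illustration.

```python
"""Toy model of role-mapping edits (added example; not JBoss EAP code)."""

# Role names are from the report; the permission tables are assumptions.
PROTECTED = frozenset({"SuperUser", "Auditor"})
TOP = "SuperUser"  # "can do absolutely anything", so never an escalation source
ALL_ROLES = frozenset({"Administrator"}) | PROTECTED

# role -> roles whose membership a holder of that role may edit
UNRESTRICTED = {
    "Administrator": ALL_ROLES,  # the behaviour the report warns about
    "Auditor": frozenset(),
    "SuperUser": ALL_ROLES,
}


def restrict(policy, protected=PROTECTED):
    """Return a copy in which only SuperUser may edit protected role mappings."""
    return {
        role: targets if role == TOP else targets - protected
        for role, targets in policy.items()
    }


def reachable_roles(start, policy):
    """Roles a holder of `start` can end up with by adding themselves to every
    role mapping they may edit (transitive closure)."""
    held, frontier = {start}, [start]
    while frontier:
        for target in policy.get(frontier.pop(), ()):
            if target not in held:
                held.add(target)
                frontier.append(target)
    return held


def escalations(policy, protected=PROTECTED):
    """Map each non-SuperUser role to the protected roles it can gain."""
    found = {}
    for role in policy:
        if role == TOP:
            continue
        gained = (reachable_roles(role, policy) & protected) - {role}
        if gained:
            found[role] = gained
    return found
```

Running `escalations` over a proposed role-mapping policy as a regression check flags any role other than SuperUser that can reach SuperUser or Auditor.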

Comment 6 Vladimir Dosoudil 2013-10-16 11:44:04 UTC
Merged in
 * https://github.com/jbossas/jboss-eap/commit/ea931ed
 * https://github.com/jbossas/jboss-eap/commit/3104bc7
Included in EAP 6.2.0 ER 4.

Comment 7 Ladislav Thon 2013-10-21 09:48:58 UTC
Verified with EAP 6.2.0.ER6.
