Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1086489

Summary: Configuring roles for repositories requires BRMS reboot to take effect
Product: [Retired] JBoss BRMS Platform 6 Reporter: Toshiya Kobayashi <tkobayas>
Component: Business CentralAssignee: manstis
Status: CLOSED DUPLICATE QA Contact: Jiri Locker <jlocker>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.0.1   
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-04-11 08:21:44 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
user1_can_access_repo2.png none

Description Toshiya Kobayashi 2014-04-11 02:19:47 UTC 
Description of problem:

You can configure roles for repositories using kie-config-cli.sh. But even after "push-changes", user can access unauthorized repositories in "Project Explorer" in the left pane ([Authoring]->[Project Authoring]).

Once you reboot BRMS, you can choose only authorized repositories in "Project Explorer".


Steps to Reproduce:

A) Login to business-central as admin
B) Create 'repo1' and 'repo2' in business-central (Organization Unit is 'example')

C) Configure roles for repositories using kie-config-cli.sh

[tkobayas@tkobayas kie-config-cli-6.0.2-redhat-6-dist]$ ./kie-config-cli.sh 
********************************************************

************* Welcome to Kie config CLI ****************

********************************************************

...

>>>>>>>>>>>>>>>>>>>>>>>>>>>
>>Please enter command (type help to see available commands): 
add-role-repo
>>Repository alias:repo1
>>Security roles (comma separated list):role1
Result:
Role role1 added successfully to repository repo1

>>>>>>>>>>>>>>>>>>>>>>>>>>>
>>Please enter command (type help to see available commands): 
add-role-repo
>>Repository alias:repo2
>>Security roles (comma separated list):role2
Result:
Role role2 added successfully to repository repo2
>>>>>>>>>>>>>>>>>>>>>>>>>>>
>>Please enter command (type help to see available commands): 
push-changes
Result:
Pushed successfully
>>>>>>>>>>>>>>>>>>>>>>>>>>>
>>Please enter command (type help to see available commands): 
list-repo
Result:
Currently available repositories: 
	Repository repo1
	 scheme: git
	 uri: git://repo1
	 environment: {scheme=git, security:roles=[role1]}
	 roles: [role1]
	Repository repository1
	 scheme: git
	 uri: git://repository1
	 environment: {username=, scheme=git, security:roles=[], password=****}
	 roles: []
	Repository repo2
	 scheme: git
	 uri: git://repo2
	 environment: {scheme=git, security:roles=[role2]}
	 roles: [role2]

D) Add users in EAP

bin/add-user.sh -a --user user1 --password password1! --role analyst,role1
bin/add-user.sh -a --user user2 --password password1! --role analyst,role2

E) Logout business-central

F) Login to business-central as user1

G) Go to [Authoring]->[Project Authoring]

Actual results:

user1 can access repo2 (See attached user1_can_access_repo2.png)

Expected results:

user1 cannot access repo2
Comment 1 Toshiya Kobayashi 2014-04-11 02:28:38 UTC 
Created attachment 885206 [details]
user1_can_access_repo2.png
Comment 2 manstis 2014-04-11 08:21:44 UTC 

*** This bug has been marked as a duplicate of bug 1079548 ***