1102617 – Prevent deletion of admin group

Bug 1102617 - Prevent deletion of admin group

Summary: Prevent deletion of admin group

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Beaker
Classification:	Retired
Component:	general
Sub Component:
Version:	0.16
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	19.1
Assignee:	matt jia
QA Contact:	tools-bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2014-05-29 10:18 UTC by Amit Saha
Modified:	2018-02-06 00:41 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2014-12-17 08:40:23 UTC
Embargoed:

Attachments	(Terms of Use)

Description Amit Saha 2014-05-29 10:18:44 UTC

Description of problem:

A member of the "admin" group can remove the "admin" group. This doesn't sound right.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Cannot delete the admin group.


Additional info:

Comment 2 Nick Coghlan 2014-05-30 05:59:39 UTC

Just took a look at the code, and indeed, there is no check against "is_protected_group()" for group removal - so the "queue_admin" and "lab_controller" groups can also be removed.

Group removal should be moved to a helper method on bkr.server.model.identity.Group and protected names guarded (in a similar setup to their existing protection against name changes)

Comment 4 matt jia 2014-11-12 23:55:48 UTC

On Gerrit:

http://gerrit.beaker-project.org/#/c/3477/

Cheers, Matt Jia

Comment 7 Dan Callaghan 2014-12-17 08:40:23 UTC

Beaker 19.1 is released.

Note You need to log in before you can comment on or make changes to this bug.