Bug 1289724 - [ENG][6.2.z] User with no privileges for repository can view and modify assets in that repository
[ENG][6.2.z] User with no privileges for repository can view and modify asset...
Status: VERIFIED
Product: JBoss BRMS Platform 6
Classification: JBoss
Component: Business Central (Show other bugs)
6.0.3
Unspecified Unspecified
urgent Severity high
: CR2
: 6.2.1
Assigned To: Eder Ignatowicz
Lukáš Petrovický
:
Depends On: 1192831 1214245 1283974
Blocks: 1288021 1288023
  Show dependency treegraph
 
Reported: 2015-12-08 15:10 EST by Alexandre Porcelli
Modified: 2016-07-31 21:20 EDT (History)
10 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1192831
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Comment 3 Zuzana Krejčová 2016-01-21 11:40:47 EST
I'm sorry to say, there is still more to fix.

With access restrictions set up, even unprivileged user can see the assets via the Recently edited/opened (authoring -> explore).


The Latest changes section in Timeline perspective offers all repos in the filter featurette, even those that shouldn't be visible to the user. The good thing is, the assets/changes from those org.units/repos/projects that the user shouldn't see are still not shown in the latest changes - only the options for filtering are affected.

An admin can see everything in the Administration perspective, but I think that is expected..?

I wasn't able to verify with Inbox and the Find feature, because they didn't show any assets, even without restriction.


The simple search feature (input line with magnifier) is fixed.
Project explorer behaves correctly.
Comment 4 Eder Ignatowicz 2016-02-01 07:12:16 EST
Fixed:

On Guvnor:

Master
e16fbbd3605b3e228c6b630229b8d5d569ce0978
b88dd1139ac1fbf5339f9f8ebcc725d566044cd1

6.4
21e76547a0d7efb10de67184c6bb287d64aaf6dc
7df27a02cb78b1b698b3b2177ebf64a545072bfb

6.3
a7928c547b5118978e1304dfcd51adb636706579
d996277bc898d805ab12b008116023445417e267


On Kie-wb-common:

Master
ac67f4f1bb4a676a552e1d97670d227ac68b8ab4
6.4
85d9039c482a987b8379a206611edf3b48f1f8ff
6.3
40d534e36b7373f5a41e9c8106f5a6bcbda81cd9

Note You need to log in before you can comment on or make changes to this bug.