Bug 1343591 - [GSS](6.4.z) setting system properties on a server-group fails when using RBAC scoped roles on admin console
Summary: [GSS](6.4.z) setting system properties on a server-group fails when using RBA...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Web Console
Version: 6.4.8
Hardware: Unspecified
OS: Unspecified
low
low
Target Milestone: CR1
: EAP 6.4.12
Assignee: Miroslav Sochurek
QA Contact: Pavel Jelinek
URL:
Whiteboard:
Depends On: 1352049
Blocks: 1323582 eap6412-payload
TreeView+ depends on / blocked
 
Reported: 2016-06-07 14:07 UTC by Lei Yu
Modified: 2019-11-14 08:18 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1352049 (view as bug list)
Environment:
Last Closed: 2017-01-17 13:16:30 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker HAL-1125 0 Major Resolved Setting system properties on a server-group fails when using RBAC scoped roles on admin console 2017-03-23 20:14:43 UTC
Red Hat Issue Tracker JBEAP-5065 0 Major Verified [GSS](7.0.z) Setting system properties on a server-group fails when using RBAC scoped roles on admin console 2017-03-23 20:14:43 UTC
Red Hat Issue Tracker JBEAP-6479 0 Major Verified [GSS](7.1.0) Setting system properties on a server-group fails when using RBAC scoped roles on admin console 2017-03-23 20:14:43 UTC

Description Lei Yu 2016-06-07 14:07:01 UTC 
New installation EAP 6.4.8, set up domain mode and necessary security realm, ManagementRealm

Enable RBAC

/core-service=management/access=authorization:write-attribute(name=provider,value=rbac)

Add scoped role:

/core-service=management/access=authorization/server-group-scoped-role=DeployerIntegration:add(base-role=Administrator,server-groups=[main-server-group])
/core-service=management/access=authorization/role-mapping=DeployerIntegration:add()
/core-service=management/access=authorization/role-mapping=DeployerIntegration/include=user1:add(name=user1,realm=ManagementRealm,type=USER)

User1 added above cannot edit the system properties of the server group on the group configuration page via admin console, the "add" and "remove" button are not visible to the user.

I have tested EAP 6.4.0, EAP 6.4.8, Wildfly 10 and EAP 7, the bug only exist in EAP 6.4.x.
Comment 2 JBoss JIRA Server 2016-06-21 10:15:20 UTC 
Martin Šmérek <msmerek> updated the status of jira HAL-1125 to Coding In Progress
Comment 3 JBoss JIRA Server 2016-06-23 10:15:58 UTC 
Martin Šmérek <msmerek> updated the status of jira JBEAP-5065 to Coding In Progress
Comment 5 Martin Šmérek 2016-07-04 07:13:26 UTC 
PR: https://github.com/hal/ballroom/pull/11
Comment 6 JBoss JIRA Server 2016-07-12 12:37:56 UTC 
Harald Pehl <hpehl> updated the status of jira HAL-1125 to Resolved
Comment 7 Harald Pehl 2016-07-12 12:40:47 UTC 
Merged upstream: 
Upgrade Ballroom version in HAL 2.1.x to 2.1.11.Final
https://github.com/hal/core/commit/a495162ed9da7e7ec8dcda4d4ebc8c4cac6b46e3
Comment 9 JBoss JIRA Server 2016-10-19 11:15:00 UTC 
Peter Palaga <ppalaga> updated the status of jira JBEAP-6479 to Coding In Progress
Comment 10 JBoss JIRA Server 2016-10-19 11:21:22 UTC 
Peter Palaga <ppalaga> updated the status of jira JBEAP-6479 to Resolved
Comment 11 Michael Cada 2016-11-05 11:58:17 UTC 
Verified with EAP 6.4.12.CP.CR1
Comment 12 Petr Penicka 2017-01-17 13:16:30 UTC 
Retroactively bulk-closing issues from released EAP 6.4 cumulative patches.
Note You need to log in before you can comment on or make changes to this bug.