Created attachment 1200613 [details] Screenshot of Tenant viewing Service Request of another tenant 4.1 Description of problem: A child tenant is allowed to see other child tenants Service Requests Version-Release number of selected component (if applicable): CloudForms 4.1 How reproducible: Always Steps to Reproduce: 1. Have a child tenant named Customer C make a Service Request 2. Login as an admin child tenant named Customer A. 3. Go to Services -> Requests and view the Service Requests made by child tenant Customer C. Actual results: Customer A child tenant is allowed to see the names of other child tenants that have made a Service Request. Expected results: Customer A child tenant should not see the names of other child tenants that have made a Service Request Additional info:
Gregg, I am wondering if MiqRequest should be included in list here https://github.com/ManageIQ/manageiq/blob/master/lib/rbac/filterer.rb#L8 Let me know. Thanks, ~Harpreet