ManageIQ issue https://github.com/ManageIQ/manageiq/issues/13291: Steps to reproduce: 1. Create child tenant: "My tenant" 2. Create group with: - "My Tenant admin group" with role: "EvmRole-tenant_administrator" - Tenant: "My tenant" 3. Create tenant admin user "tenantadmin" with group "My Tenant admin group" 4. login as tenant admin I can now create a new user with the group "EvmRole-super_administrator" This escalates the privileges of a tenant admin to global admin, defeating the tenant separation.
PR: https://github.com/ManageIQ/manageiq-ui-classic/pull/127