Bug 1415217 - Tenant admin can create groups for other tenants
Summary: Tenant admin can create groups for other tenants
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: UI - OPS
Version: 5.7.0
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: GA
: 5.7.1
Assignee: Martin Povolny
QA Contact: Matouš Mojžíš
URL:
Whiteboard: ui:configuration
Depends On: 1415100
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-01-20 15:17 UTC by Satoe Imaishi
Modified: 2022-07-09 08:12 UTC (History)
7 users (show)

Fixed In Version: 5.7.1.0
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1415100
Environment:
Last Closed: 2017-02-27 19:29:44 UTC
Category: ---
Cloudforms Team: ---
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:0320 0 normal SHIPPED_LIVE Moderate: CFME 5.7.1 bug fixes and enhancement update 2017-02-28 00:13:26 UTC

Comment 2 CFME Bot 2017-01-20 15:35:56 UTC 
New commit detected on ManageIQ/manageiq/euwe:
https://github.com/ManageIQ/manageiq/commit/9be9b26d0351aa09cef3d9dadc9a9fcbad32d957

commit 9be9b26d0351aa09cef3d9dadc9a9fcbad32d957
Author:     Milan Zázrivec <mzazrivec>
AuthorDate: Tue Jan 17 17:28:02 2017 +0100
Commit:     Satoe Imaishi <simaishi>
CommitDate: Fri Jan 20 10:33:25 2017 -0500

    Merge pull request #151 from martinpovolny/tenant_escape
    
    Tenant admin should not be able to create groups in other tenants.
    (cherry picked from commit 637a45d6312827c4a2f15048361d86ec5f2198ac)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1415217

 app/controllers/ops_controller/ops_rbac.rb | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)
Comment 3 CFME Bot 2017-01-20 15:36:01 UTC 
New commit detected on ManageIQ/manageiq/euwe:
https://github.com/ManageIQ/manageiq/commit/c43b90c82a71250aeed15b9a50cf0cd2456128b3

commit c43b90c82a71250aeed15b9a50cf0cd2456128b3
Author:     Milan Zázrivec <mzazrivec>
AuthorDate: Fri Jan 20 13:49:05 2017 +0100
Commit:     Satoe Imaishi <simaishi>
CommitDate: Fri Jan 20 10:33:56 2017 -0500

    Merge pull request #203 from martinpovolny/fix_valid_tenant
    
    Fix valid_tenant check in ops.
    (cherry picked from commit 4d38cb9c147dcce7048ba3920a3e3be86482fdb7)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1415217

 app/controllers/ops_controller/ops_rbac.rb | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
Comment 4 CFME Bot 2017-01-23 18:40:53 UTC 
New commit detected on ManageIQ/manageiq/euwe:
https://github.com/ManageIQ/manageiq/commit/a4ba5f23a4e77e631dca2f9f877608a088ad8d0c

commit a4ba5f23a4e77e631dca2f9f877608a088ad8d0c
Author:     Gregg Tanzillo <gtanzill>
AuthorDate: Tue Jan 17 08:59:45 2017 -0500
Commit:     Satoe Imaishi <simaishi>
CommitDate: Mon Jan 23 13:37:59 2017 -0500

    Merge pull request #13483 from martinpovolny/group_tenant_limit
    
    Tenant admin should not be able to create groups in other tenants.
    (cherry picked from commit be680ff7bd88736d2a1d0a2f6343bc233a1dc944)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1415217

 app/models/tenant.rb       |  6 ++++--
 spec/models/tenant_spec.rb | 31 +++++++++++++++++++++----------
 2 files changed, 25 insertions(+), 12 deletions(-)
Comment 6 Matouš Mojžíš 2017-02-16 08:21:54 UTC 
Verified in 5.7.1.2. I can create groups only for my tenant now under tenant administrator.
Comment 8 errata-xmlrpc 2017-02-27 19:29:44 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2017-0320.html
Note You need to log in before you can comment on or make changes to this bug.