Bug 1460979 - Tag Visibility | Access Controll: All users, groups, and tenants are visible for restricted user
Summary: Tag Visibility | Access Controll: All users, groups, and tenants are visible ...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Appliance
Version: 5.7.0
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: GA
: 5.7.3
Assignee: Libor Pichler
QA Contact: Ruslana Babyuk
URL:
Whiteboard: ui:tag
Depends On: 1442972
Blocks: 1447372
TreeView+ depends on / blocked
 
Reported: 2017-06-13 10:07 UTC by Ruslana Babyuk
Modified: 2017-06-28 15:04 UTC (History)
9 users (show)

Fixed In Version: 5.7.3.2
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1442972
Environment:
Last Closed: 2017-06-28 15:04:49 UTC
Category: ---
Cloudforms Team: CFME Core
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:1601 0 normal SHIPPED_LIVE Important: CFME 5.7.3 security, bug fix and enhancement update 2017-06-28 18:51:52 UTC

Comment 4 CFME Bot 2017-06-20 13:46:07 UTC 
New commit detected on ManageIQ/manageiq/euwe:
https://github.com/ManageIQ/manageiq/commit/b18f9982c9d07bec923f2e86823032ccc33b1cf1

commit b18f9982c9d07bec923f2e86823032ccc33b1cf1
Author:     Šimon Lukašík <isimluk@fedoraproject.org>
AuthorDate: Tue May 2 14:03:38 2017 +0200
Commit:     Satoe Imaishi <simaishi@redhat.com>
CommitDate: Tue Jun 20 09:45:13 2017 -0400

    Merge pull request #14898 from lpichler/rbac_for_user_model_by_role
    
    RBAC for User model regard to allowed role
    (cherry picked from commit 5697c1c4d19c057fa0dbc55b82b83d25b9f17a42)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1460979

 app/models/user.rb             |  4 ++++
 lib/rbac/filterer.rb           |  2 +-
 spec/lib/rbac/filterer_spec.rb | 11 +++++++++++
 3 files changed, 16 insertions(+), 1 deletion(-)
Comment 5 CFME Bot 2017-06-20 13:56:09 UTC 
New commit detected on ManageIQ/manageiq/euwe:
https://github.com/ManageIQ/manageiq/commit/904386f381cc447ac8acb6c90a446257d646a329

commit 904386f381cc447ac8acb6c90a446257d646a329
Author:     Gregg Tanzillo <gtanzill@redhat.com>
AuthorDate: Tue May 2 09:14:56 2017 -0400
Commit:     Satoe Imaishi <simaishi@redhat.com>
CommitDate: Tue Jun 20 09:46:32 2017 -0400

    Merge pull request #14901 from lpichler/join_rbac_for_role_user_and_group_to_one_if_branch
    
    Join RBAC check for MiqUserRole, User and MiqGroup to one if branch
    (cherry picked from commit b8adc2579749cf3ee7ea096f660ae7cc61961e86)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1460979

 lib/rbac/filterer.rb | 23 ++++++++++++++---------
 1 file changed, 14 insertions(+), 9 deletions(-)
Comment 6 CFME Bot 2017-06-20 13:56:16 UTC 
New commit detected on ManageIQ/manageiq/euwe:
https://github.com/ManageIQ/manageiq/commit/3c74854045dd9015718814f9c2ad447dc439aceb

commit 3c74854045dd9015718814f9c2ad447dc439aceb
Author:     Gregg Tanzillo <gtanzill@redhat.com>
AuthorDate: Tue May 2 09:55:06 2017 -0400
Commit:     Satoe Imaishi <simaishi@redhat.com>
CommitDate: Tue Jun 20 09:47:40 2017 -0400

    Merge pull request #14903 from lpichler/tag_visibility_for_user_and_groups
    
    Tag visibility for User and MiqGroup model
    (cherry picked from commit 8340d21ae22c24bd1f5881e413065136c48a3d69)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1460979

 lib/rbac/filterer.rb           | 18 ++++++++++++------
 spec/lib/rbac/filterer_spec.rb | 38 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 50 insertions(+), 6 deletions(-)
Comment 8 errata-xmlrpc 2017-06-28 15:04:49 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:1601
Note You need to log in before you can comment on or make changes to this bug.