Red Hat Bugzilla – Bug 1479583
EvmRole-auditor can perform actions on VM
Last modified: 2017-08-14 16:45:17 EDT
Description of problem:
According to Redhat doc, role EvmRole-auditor should have no permission on perform any actions on VMs. However, users having that role are able to poweron/poweroff VMs
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Create a user and assign role EvmRole-auditor
2.Login with the user
3.Go to any VM and click on the Power button, all actions are visible and can be performed.
User is able to poweron/poweroff VMs
User shouldn't even be able to see the power button or actions should be disabled
EvmRole-security has the same problem.