Bug 1562775 - Approval permissions are not followed between different groups
Summary: Approval permissions are not followed between different groups
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Appliance
Version: 5.8.0
Hardware: All
OS: All
high
high
Target Milestone: GA
: 5.8.4
Assignee: Libor Pichler
QA Contact: Landon LaSmith
URL:
Whiteboard:
Depends On: 1545395
Blocks: 1551709
TreeView+ depends on / blocked
 
Reported: 2018-04-02 13:23 UTC by Satoe Imaishi
Modified: 2018-06-25 14:19 UTC (History)
5 users (show)

Fixed In Version: 5.8.4.2
Doc Type: Release Note
Doc Text:
This RBAC addition needs to be documented for customers. Changed: Now option Access Restriction for Services, VMs, and Templates in user's role User and Group owned role setting or Only User owned role setting is affecting also MiqRequests. So if you have selected User and Group owned role setting you will see requests of created by users which are in group which is current for logged user. User and Group owned role setting you will see only users requests.
Clone Of: 1545395
Environment:
Last Closed: 2018-06-25 14:19:13 UTC
Category: ---
Cloudforms Team: CFME Core


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2018:1972 None None None 2018-06-25 14:19:47 UTC

Comment 4 Landon LaSmith 2018-05-21 19:19:54 UTC
VERIFIED in 5.8.4.3. I was able to create two groups/users (userA & userB) with User/Group ownership restrictions. Approval requests created by admin or userA were not visible to userB.

Comment 6 errata-xmlrpc 2018-06-25 14:19:13 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:1972


Note You need to log in before you can comment on or make changes to this bug.