Bug 1562777 - Approval permissions are not followed between different groups
Summary: Approval permissions are not followed between different groups
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Appliance
Version: 5.8.0
Hardware: All
OS: All
high
high
Target Milestone: GA
: 5.9.2
Assignee: Libor Pichler
QA Contact: Landon LaSmith
URL:
Whiteboard:
Depends On: 1545395
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-04-02 13:24 UTC by Satoe Imaishi
Modified: 2022-07-09 09:35 UTC (History)
6 users (show)

Fixed In Version: 5.9.2.1
Doc Type: Release Note
Doc Text:
This release of Red Hat CloudForms corrects restrictions for Request visibility when the role is set to "Only User or Group Owned" or "Only User Owned".
Clone Of: 1545395
Environment:
Last Closed: 2018-05-07 20:47:51 UTC
Category: ---
Cloudforms Team: CFME Core
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2018:1328 0 None None None 2018-05-07 20:48:23 UTC

Comment 2 CFME Bot 2018-04-02 13:30:50 UTC 
New commit detected on ManageIQ/manageiq/gaprindashvili:

https://github.com/ManageIQ/manageiq/commit/a1ec51830e537bb4d29099051675d7ab006d1d46
commit a1ec51830e537bb4d29099051675d7ab006d1d46
Author:     Gregg Tanzillo <gtanzill>
AuthorDate: Wed Mar 28 09:28:38 2018 -0400
Commit:     Gregg Tanzillo <gtanzill>
CommitDate: Wed Mar 28 09:28:38 2018 -0400

    Merge pull request #17208 from lpichler/restrict_miq_request_by_users_group

    Add ownership for MiqRequest in RBAC
    (cherry picked from commit 09697591a48eb2d1d994ec57d09a842844c0cab7)

    https://bugzilla.redhat.com/show_bug.cgi?id=1562777

 app/models/miq_request.rb | 20 +
 lib/rbac/filterer.rb | 19 +-
 spec/lib/rbac/filterer_spec.rb | 56 +
 3 files changed, 92 insertions(+), 3 deletions(-)
Comment 3 Landon LaSmith 2018-04-18 20:11:31 UTC 
VERIFIED in 5.9.2.2. Request visibility was correctly restricted when the role was set to "Only User or Group Owned" OR "Only User Owned"
Comment 6 errata-xmlrpc 2018-05-07 20:47:51 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:1328
Note You need to log in before you can comment on or make changes to this bug.