Description of problem: When an admin adds a user to a group they are not eligible for on the user edit page a review is created with the flag for that group. Version-Release number of selected component (if applicable): 5.0.4-rh47 How reproducible: Easy Steps to Reproduce: 1. Find a manage group with login regex set to !@, no user can will match this 2. Find a user not in the group and add them to the group on the user admin page Actual results: Group review request is created. Expected results: Group review request is blocked. Additional info: Need to check what happens if someone sets the flag to + on the bug. Consider disabling the group on the user admin page so it can't be accidentally selected.
On QA server. - Login to an admin account - Edit another account - Check boxes the account does not in and do not qualify for are disabled. - Each disabled checkbox has pop-up text explaining why. e.g. "You cannot manage this membership because: The user does not match the regular expression '!@'" - Edit the account of a user who is in a group that their account does not qualify for. - The checkbox is enabled, allowing the admin to remove the user from the group.
This fix has been deployed to stage Bugzilla for a short public testing phase. https://bugzilla.stage.redhat.com
This change is now live. If there are any issues, do not reopen this bug. Instead, you should create a new bug and reference this bug.