1882298 – Admin can create requests for groups the user isn't eligible for

Bug 1882298 - Admin can create requests for groups the user isn't eligible for

Summary: Admin can create requests for groups the user isn't eligible for

Keywords:
Status:	NEW
Alias:	None
Product:	Bugzilla
Classification:	Community
Component:	Extensions
Sub Component:
Version:	5.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Jeff Fearn 🐞
QA Contact:	Utkarsh
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-09-24 09:30 UTC by Jeff Fearn 🐞
Modified:	2020-09-24 09:30 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	---
Doc Text:
Clone Of:
Environment:
Last Closed:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Jeff Fearn 🐞 2020-09-24 09:30:12 UTC

Description of problem:
When an admin adds a user to a group they are not eligible for on the user edit page a review is created with the flag for that group.

Version-Release number of selected component (if applicable):
5.0.4-rh47

How reproducible:
Easy

Steps to Reproduce:
1. Find a manage group with login regex set to !@, no user can will match this
2. Find a user not in the group and add them to the group on the user admin page

Actual results:
Group review request is created.

Expected results:
Group review request is blocked.

Additional info:
Need to check what happens if someone sets the flag to + on the bug.
Consider disabling the group on the user admin page so it can't be accidentally selected.

Note You need to log in before you can comment on or make changes to this bug.