Bug 1882298 - Admin can create requests for groups the user isn't eligible for
Summary: Admin can create requests for groups the user isn't eligible for
Keywords:
Status: NEW
Alias: None
Product: Bugzilla
Classification: Community
Component: Extensions
Version: 5.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Jeff Fearn 🐞
QA Contact: Utkarsh
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-09-24 09:30 UTC by Jeff Fearn 🐞
Modified: 2020-09-24 09:30 UTC (History)
0 users

Fixed In Version:
Doc Type: ---
Doc Text:
Clone Of:
Environment:
Last Closed:


Attachments (Terms of Use)

Description Jeff Fearn 🐞 2020-09-24 09:30:12 UTC
Description of problem:
When an admin adds a user to a group they are not eligible for on the user edit page a review is created with the flag for that group.

Version-Release number of selected component (if applicable):
5.0.4-rh47

How reproducible:
Easy

Steps to Reproduce:
1. Find a manage group with login regex set to !@, no user can will match this
2. Find a user not in the group and add them to the group on the user admin page

Actual results:
Group review request is created.

Expected results:
Group review request is blocked.

Additional info:
Need to check what happens if someone sets the flag to + on the bug.
Consider disabling the group on the user admin page so it can't be accidentally selected.


Note You need to log in before you can comment on or make changes to this bug.