Bug 534817 - (RHQ-1577) protect operations views behind authorization
protect operations views behind authorization
Status: CLOSED NEXTRELEASE
Product: RHQ Project
Classification: Other
Component: Operations (Show other bugs)
unspecified
All All
medium Severity medium (vote)
: ---
: ---
Assigned To: Joseph Marques
Heiko W. Rupp
http://jira.rhq-project.org/browse/RH...
: Improvement
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-02-15 23:18 EST by Joseph Marques
Modified: 2009-03-17 11:43 EDT (History)
0 users

See Also:
Fixed In Version: 1.2
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Joseph Marques 2009-02-15 23:18:00 EST
unless users have the CONTROL permission, prevent them from doing the following:
* scheduling operations
* "execute now" against some operation schedule
* unscheduling operations
* deleting operation history

Comment 1 Joseph Marques 2009-02-15 23:18:59 EST
this should be prevented for resources and resource groups
Comment 2 Joseph Marques 2009-02-15 23:40:09 EST
rev3074 - only render buttons for resource/group operations if user has appropriate permissions; 
Comment 3 Heiko W. Rupp 2009-03-17 11:43:28 EDT
This works when the user has no control permission *and no* manage-inventory permission.

rev QA-7408 

Why do we still show the OP-icon and tab in that case?
Comment 4 Red Hat Bugzilla 2009-11-10 15:35:58 EST
This bug was previously known as http://jira.rhq-project.org/browse/RHQ-1577

Note You need to log in before you can comment on or make changes to this bug.