Red Hat Bugzilla – Bug 535131
test resource permission: Modify
Last modified: 2009-11-10 16:22:45 EST
test all the UI pages so the Modify permission takes effect.
(I'm actually not sure what this authorizes - need to check the code)
1) Created 'Everything' group including all discovered resources(See parent issue for details).
2) Create two additional user accounts i) u:none with no role perms and member of everything group. ii)u:modify w/ 'modify' perms and member of 'Everything'
3) Logged into the app from three separate browsers(FFx2 & IE) with three separate accounts
Following results obtained while viewing/testing " Logged in-> Resources -> Servers -> PostGres[postgres] -> Inventory"
#u:none - details shown but NOT able to edit the inventory name.
#u:modify - details shown and ABLE to edit/change the name of the Postgres instance and successfully persist to JON inventory.
#u:rhqadmin - details shown and ABLE to edit/change the name of the Postgres instance and successfully persist to JON inventory.
Also checked to see if the edit url could be accessed from the user 'none' and successfully change the value.
Ex. Use http://127.0.0.1:7080/rhq/resource/inventory/edit-general.xhtml?id=505053&conversationId=107
The 'none' user could see the edit page correctly but on submit the commit failed. Not sure if this is a problem as edit was denied but page is visible.
SUMMARY: with the exception of edit url visible if entered by hand, this is working as expected.
Added one more level of restricted visibility group testing due to changes in group authorization mechanism. See parent issue for more detailed description.
In addition to above, also created:
i) Recursive group that included the PostGres server and downward only.
ii) Role that included group from first step and only 'modify' perms selected.
ii) User attached to role.
Works as expected, but exposed links and information about parent hierarchy to root for Postgres incorrectly. All of these invalid links failed with ugly authorization errors and to exposed stack traces.
Jira for issue discovered: http://jira.rhq-project.org/browse/RHQ-1962
Working as expected. One bug discovered. See issue details.
This bug was previously known as http://jira.rhq-project.org/browse/RHQ-1859