Red Hat Bugzilla – Bug 535764
exception when clicking on group member with limited privileges
Last modified: 2013-09-02 03:27:44 EDT
1)set up user with measure privileges for group of eap servers. 2) logged in as user and clicked on component eap server 3) received attached stack trace
Further investigation reveals this is a result of trying to select a parent of a viewable resource. For instance, for "server.domain JBoss EAP 4.3.0.GA_CP06 default", clicking on the parent, "server.domain", vm resource link, the stack trace is generated. The user has no privileges to view the parent resource. The parent resource link is viewable in the group view of the privileged group.
Note, the initial test case created a group of "JBoss AS JVM" resources, in which the eap server was the parent.
This bug was previously known as http://jira.rhq-project.org/browse/RHQ-2426
Imported an attachment (id=368797)
Temporarily adding the keyword "SubBug" so we can be sure we have accounted for all the bugs.
new = Tracking + FutureFeature + SubBug
making sure we're not missing any bugs in rhq_triage
jay, this bug deals with authz in the tree and locked nodes. can you confirm this doesn't happen with the new GWT implementation of the tree?
Should be fixed.
Verified on build#140 (Version: 4.1.0-SNAPSHOT Build Number: 5905b70)
Created a group of JBoss As JVM resources, created a user. Created a role with measure privileges and assigned the group of JBoss As JVM resources and the user created to the role.
Logged in as the user and navigated to the JBoss As JVM resource group. Verified that the parent resource link (JBoss As Servers) is not viewable in the group view.
Marking as verified.
Bulk closing of issues that were VERIFIED, had no target release and where the status changed more than a year ago.