Red Hat Bugzilla – Bug 755653
updating a group's name or description causes the group to be removed from any roles with which it is associated
Last modified: 2013-08-05 20:42:01 EDT
1) create a group
2) create a role and add the group to the role
3) change the group's name
Look at the role and notice the group is no longer associated with it.
not so comfortable with last minute changes to security. setting priority to MEDIUM. lukas ... put this only in master (not jon 3 branch).
1) document your perception of the regression risk with security,
2) document the tests that you have performed to verify this
3) document who else in development has code reviewed your change
(10:25:01 AM) lkrejci: mfoley: wrt https://bugzilla.redhat.com/show_bug.cgi?id=755653. is this not a regression from JON 2.4.1? (i didn't check yet)
(10:27:51 AM) mfoley: looking
(10:28:23 AM) mfoley: i don't know if it is a regression or not
(10:34:00 AM) lkrejci: mfoley: it's a regression from jon 2.4.1, i'm going to work on it anyway but I think it *should* go into the release
This is only in master right now.
Author: Lukas Krejci <email@example.com>
Date: Thu Nov 24 12:56:28 2011 +0100
[BZ 755653] - Make sure role membership is not updated through
the updateResourceGroup() methods.
Verified on master build#790 (Version: 4.3.0-SNAPSHOT Build Number: b9ef6c8)
Created a group and a role. Associated the group to the role. Changed the group name and verified that the role is associated with the group. It displays the changed group name in 'Assigned Resource Groups' table.
assigning to dev.
has this change been code reviewed by another dev?
It looks good to me.
then please push to jon 3 branch
code looks good. pushed to release_jon3.x branch: e4eac1f
changing status of VERIFIED BZs for JON 2.4.2 and JON 3.0 to CLOSED/CURRENTRELEASE