767570 – Non admin user able to launch instance even after revoking access of "global Deployable User "

Bug 767570 - Non admin user able to launch instance even after revoking access of "global Deployable User "

Summary: Non admin user able to launch instance even after revoking access of "global ...

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	CloudForms Cloud Engine
Classification:	Retired
Component:	aeolus-conductor
Sub Component:
Version:	1.0.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Assignee:	Scott Seago
QA Contact:	wes hayutin
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2011-12-14 11:30 UTC by Aziza Karol
Modified:	2012-08-30 17:15 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2012-08-30 17:15:23 UTC

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Aziza Karol 2011-12-14 11:30:59 UTC

Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.create a non admin user.
2.In browser1 login as non admin user and try launching a deployment by clicking on new deployment..
while the nonadmin  user is on the launch button  .. In another browser2 login as admin and  revoke the  access "Global deployable user" for nonadmin user.

3.Now in browser1 click launch button.

  
Actual results:
Non admin user is still able to launch the deployments even when "Global deployable user" access is revoked.


Expected results:
non admin user should not be able to launch deployment.

Additional info:
[root@dell-pe1950-01 templates]# rpm -qa | grep aeolus
rubygem-aeolus-image-0.2.0-1.el6.noarch
aeolus-conductor-0.7.0-4.el6.noarch
aeolus-conductor-doc-0.7.0-4.el6.noarch
aeolus-configure-2.4.0-3.el6.noarch
rubygem-aeolus-cli-0.2.0-3.el6.noarch
aeolus-all-0.7.0-4.el6.noarch
aeolus-conductor-daemons-0.7.0-4.el6.noarch

Comment 1 wes hayutin 2012-01-10 17:10:48 UTC

adding to ce-sprint-next

Comment 2 wes hayutin 2012-01-10 17:13:38 UTC

adding to ce-sprint-next

Comment 3 wes hayutin 2012-01-12 16:35:27 UTC

adding to ce-sprint

Comment 4 wes hayutin 2012-01-12 16:41:48 UTC

removing ce-sprint-next tracker

Comment 5 Scott Seago 2012-01-18 20:42:53 UTC

Patch on list here: https://fedorahosted.org/pipermail/aeolus-devel/2012-January/008141.html

Commit hash: 82bdb5547174a7489ca9df77f76bbd1815a516e3

Comment 6 Steve Linabery 2012-01-24 20:25:11 UTC

7a89a230ba064f2a36c8fd7580355d0e2b2803d2 in aeolus-conductor-0.8.0-10

Comment 7 Aziza Karol 2012-01-25 11:01:38 UTC

Non admin user is not able to launch instance after revoking access of "global Deployable User "

Message "You have insufficient privileges to perform the selected action" is displayed.

verified on:
rpm -qa | grep aeolus
rubygem-aeolus-image-0.3.0-3.el6.noarch
aeolus-conductor-doc-0.8.0-11.el6.noarch
rubygem-aeolus-cli-0.3.0-5.el6.noarch
aeolus-configure-2.5.0-7.el6.noarch
aeolus-conductor-daemons-0.8.0-11.el6.noarch
aeolus-conductor-0.8.0-11.el6.noarch
aeolus-all-0.8.0-11.el6.noarch

Note You need to log in before you can comment on or make changes to this bug.