Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 839008 - Indirect roles not checked for in WebUI
Indirect roles not checked for in WebUI
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: ipa (Show other bugs)
6.4
Unspecified Unspecified
medium Severity unspecified
: rc
: ---
Assigned To: Rob Crittenden
Namita Soman
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-07-10 11:51 EDT by Dmitri Pal
Modified: 2013-02-21 04:16 EST (History)
4 users (show)

See Also:
Fixed In Version: ipa-3.0.0-1.el6
Doc Type: Bug Fix
Doc Text:
Cause: Identity Management Web UI Administrator interface was not enabled for users who were indirect members of administrative roles, e.g. for a user which is a member of a group which is a member of administrative role. Consequence: Such users were not able to perform Identity Management administrative tasks via Web UI. Fix: Allow Web UI Administrator interface for indirect members of administrative roles. Result: Indirect members of administrative roles are now able to perform administrative tasks within Identity Management Web UI.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-02-21 04:16:40 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2013:0528 normal SHIPPED_LIVE Low: ipa security, bug fix and enhancement update 2013-02-21 03:22:21 EST

  None (edit)
Description Dmitri Pal 2012-07-10 11:51:47 EDT 
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/freeipa/ticket/2899

When using the WebUI the admin navigation isn't enabled for users who are indirect members of roles.
Comment 1 Petr Vobornik 2012-07-11 03:23:41 EDT 
Fixed upstream: e494650b2cdb6ac7e1eda3da7cf03d4c36f2739a
Comment 2 Jenny Galipeau 2012-09-25 12:10:22 EDT 
regression test is automated
Comment 5 Xiyang Dong 2013-01-21 08:41:30 EST 
verified in ipa-server-3.0.0-22.el6.x86_64

https://wiki.idm.lab.bos.redhat.com/qa/archive/ipa/webui/automation/firefox/test-output-ipa-server-3.0.0-QA/0114_64bit/full%20suite/IPARBACTestSuite/index.html

testIndirectRoles_Bug839008
Bug 839008 - Indirect Roles
Parameters: bug839008_IndirectRoles, Read DNS Entries, bug839008_privilege, bug839008_privilege desc, bug839008_role, bug839008_roleDesc, bug839008_user, bug839008_givenname, bug839008_sn, Secret123, bug839008_group, bug839008_group desc
Hide output Show all outputs
Starting Test: testIndirectRoles_Bug839008([bug839008_IndirectRoles, Read DNS Entries, bug839008_privilege, bug839008_privilege desc, bug839008_role, bug839008_roleDesc, bug839008_user, bug839008_givenname, bug839008_sn, Secret123, bug839008_group, bug839008_group desc])

Starting Test: testIndirectRoles_Bug839008([bug839008_IndirectRoles, Read DNS Entries, bug839008_privilege, bug839008_privilege desc, bug839008_role, bug839008_roleDesc, bug839008_user, bug839008_givenname, bug839008_sn, Secret123, bug839008_group, bug839008_group desc])

Add Permission - read dns entries

Asserted: Actual value of 'bug839008_privilege desc' matches expected value.

Asserted: Verified Read DNS Entries is listed for bug839008_privilege

Add Role - bug839008_role

Asserted: Verified privilege bug839008_privilege is listed for bug839008_role

Add User bug839008_user

Asserted: User added successfully

Add User Group bug839008_group

Asserted: User Group added successfully

Asserted: user bug839008_user is a member of user group bug839008_group

Asserted: User group bug839008_group is a memberof roles: bug839008_role

Asserted: Indirect membership of role to the user verified

Asserted: reset password for first time login

Password for bug839008_user@TESTRELM.COM">bug839008_user@TESTRELM.COM:

Asserted: Logged in successfully as bug839008_user

Asserted: DNS zones listed - verified

Test Passed: testIndirectRoles_Bug839008([bug839008_IndirectRoles, Read DNS Entries, bug839008_privilege, bug839008_privilege desc, bug839008_role, bug839008_roleDesc, bug839008_user, bug839008_givenname, bug839008_sn, Secret123, bug839008_group, bug839008_group desc])

Test Passed: testIndirectRoles_Bug839008([bug839008_IndirectRoles, Read DNS Entries, bug839008_privilege, bug839008_privilege desc, bug839008_role, bug839008_roleDesc, bug839008_user, bug839008_givenname, bug839008_sn, Secret123, bug839008_group, bug839008_group desc])
Comment 7 errata-xmlrpc 2013-02-21 04:16:40 EST 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0528.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.