Bug 909692 - Non admin user have access to /hosts url
Non admin user have access to /hosts url
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine (Show other bugs)
3.1.2
Unspecified Unspecified
unspecified Severity high
: ---
: 3.2.0
Assigned To: Ravi Nori
Ondra Machacek
infra
: Regression, ZStream
Depends On:
Blocks: 910368 915537
  Show dependency treegraph
 
Reported: 2013-02-10 08:36 EST by Ondra Machacek
Modified: 2016-02-10 14:39 EST (History)
10 users (show)

See Also:
Fixed In Version: sf8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 910368 (view as bug list)
Environment:
Last Closed: 2013-06-11 05:18:25 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: Infra
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
oVirt gerrit 11933 None None None Never

  None (edit)
Description Ondra Machacek 2013-02-10 08:36:01 EST
Description of problem:
Non-admin user can have access to /hosts url.

Version-Release number of selected component (if applicable):
si27

How reproducible:
always

Steps to Reproduce:
1. Add user non-admin role(for example: UserVmManager on cluster)
2. Access /hosts url as user.
  
Actual results:
User can view /hosts url.

Expected results:
error 403, forbidden

Additional info:
bug 839569
Comment 7 Itamar Heim 2013-06-11 05:18:25 EDT
3.2 has been released
Comment 8 Itamar Heim 2013-06-11 05:42:23 EDT
3.2 has been released

Note You need to log in before you can comment on or make changes to this bug.