Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 970501

Summary: Remove old implicit job sharing model
Product: [Retired] Beaker Reporter: Nick Coghlan <ncoghlan>
Component: schedulerAssignee: Raymond Mancy <rmancy>
Status: CLOSED CURRENTRELEASE QA Contact: tools-bugs <tools-bugs>
Severity: urgent Docs Contact:
Priority: unspecified    
Version: 0.14CC: aigao, asaha, dcallagh, ebaak, jingwang, llim, qwan, rmancy, xjia
Target Milestone: 0.15Keywords: NeedsTestCase
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-10-03 02:27:43 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Nick Coghlan 2013-06-04 07:54:28 UTC 
Description of problem:

The interaction of the old implicit job sharing model and the new ability to create your own user groups means it is possible to get additional access to another user's jobs by creating a group and adding them to it.


Version-Release number of selected component (if applicable):

Beaker 0.13

How reproducible:

Always

Steps to Reproduce:
1. User A submits an individual job
2. User B creates a new group and adds User A
3. User B has additional access to jobs submitted by User A

Actual results:

User B has additional permissions on all jobs submitted by User A

Expected results:

User B has no additional access to any individual jobs submitted by User A, ior group jobs submitted for groups of which User B is not member.
Comment 1 Raymond Mancy 2013-07-29 10:20:19 UTC 
http://gerrit.beaker-project.org/#/c/2130/
Comment 6 wangjing 2013-08-13 01:26:55 UTC 
verified on beaker-devel (2013-8-12)-->pass

steps:
1. User B has no additional access to any individual jobs submitted by User A
2. User B has no access to group jobs submitted for groups of which User B is not member.
Comment 7 Nick Coghlan 2013-10-03 02:27:43 UTC 
Beaker 0.15 has been released.