Description of problem: Entering this on behalf of dcaplan. When creating a non-admin user (or a user with no rights for that matter), user can switch to provisioning menu and access things as admin user. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. In katello, create a new user "norights" 2. Login as "norights" 3. switch to Provisioning (foreman) UI Actual results: User is granted admin rights insofar as foreman is concerned and can access the UI Expected results: User should not have access to foreman. Additional info:
* apr-util-ldap-1.3.9-3.el6_0.1.x86_64 * candlepin-0.8.9-1.el6_4.noarch * candlepin-scl-1-5.el6_4.noarch * candlepin-scl-quartz-2.1.5-5.el6_4.noarch * candlepin-scl-rhino-1.7R3-1.el6_4.noarch * candlepin-scl-runtime-1-5.el6_4.noarch * candlepin-selinux-0.8.9-1.el6_4.noarch * candlepin-tomcat6-0.8.9-1.el6_4.noarch * elasticsearch-0.19.9-8.el6sat.noarch * foreman-1.1.10005-1.noarch * foreman-compute-1.1.10005-1.noarch * foreman-installer-puppet-concat-0-2.d776701.git.0.21ef926.el6sat.noarch * foreman-installer-puppet-dhcp-0-5.3a4a13c.el6sat.noarch * foreman-installer-puppet-dns-0-7.fcae203.el6sat.noarch * foreman-installer-puppet-foreman-0-6.568c5c4.el6sat.noarch * foreman-installer-puppet-foreman_proxy-0-8.bd1e35d.el6sat.noarch * foreman-installer-puppet-puppet-0-3.ab46748.el6sat.noarch * foreman-installer-puppet-tftp-0-5.ea6c5e5.el6sat.noarch * foreman-installer-puppet-xinetd-0-50a267b8.git.0.44aca6a.el6sat.noarch * foreman-libvirt-1.1.10005-1.noarch * foreman-postgresql-1.1.10005-1.noarch * foreman-proxy-1.1.10003-1.el6sat.noarch * foreman-proxy-installer-1.0.1-8.f5ae2cd.el6sat.noarch * katello-1.4.2-11.el6sat.noarch * katello-all-1.4.2-11.el6sat.noarch * katello-candlepin-cert-key-pair-1.0-1.noarch * katello-certs-tools-1.4.2-2.el6sat.noarch * katello-cli-1.4.2-7.el6sat.noarch * katello-cli-common-1.4.2-7.el6sat.noarch * katello-common-1.4.2-11.el6sat.noarch * katello-configure-1.4.3-14.el6sat.noarch * katello-configure-foreman-1.4.3-14.el6sat.noarch * katello-foreman-all-1.4.2-11.el6sat.noarch * katello-glue-candlepin-1.4.2-11.el6sat.noarch * katello-glue-elasticsearch-1.4.2-11.el6sat.noarch * katello-glue-pulp-1.4.2-11.el6sat.noarch * katello-qpid-broker-key-pair-1.0-1.noarch * katello-qpid-client-key-pair-1.0-1.noarch * katello-selinux-1.4.3-3.el6sat.noarch * openldap-2.4.23-31.el6.x86_64 * openldap-devel-2.4.23-31.el6.x86_64 * pulp-rpm-plugins-2.1.1-1.el6sat.noarch * pulp-selinux-2.1.1-1.el6sat.noarch * pulp-server-2.1.1-1.el6sat.noarch * python-ldap-2.3.10-1.el6.x86_64 * ruby193-rubygem-ldap_fluff-0.2.2-1.el6sat.noarch * ruby193-rubygem-net-ldap-0.3.1-2.el6sat.noarch * signo-0.0.16-1.el6sat.noarch * signo-katello-0.0.16-1.el6sat.noarch
Since this issue was entered in Red Hat Bugzilla, the release flag has been set to ? to ensure that it is properly evaluated for this release.
I'm unable to reproduce with latest version. Could you please update the procedure or close?
Closing old bugs which are not relevant based on new UI and CLI