Bug 988332 - Adding one permission protected XMLRPC API to add user to a group
Adding one permission protected XMLRPC API to add user to a group
Status: VERIFIED
Product: TCMS
Classification: Other
Component: XMLRPC (Show other bugs)
Devel
All All
unspecified Severity medium
: ---
: ---
Assigned To: Yang Ren
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-07-25 06:36 EDT by Chaobin Tang
Modified: 2014-06-18 05:44 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Chaobin Tang 2013-07-25 06:36:44 EDT
Description of problem:

A new XMLRPC API is to be added to allow adding an existing user to an existing group. This API must be protected with authentication and authorization.


Version-Release number of selected component (if applicable):


How reproducible:

Issuing an XMLRPC call using Nitrate XMLRPC client like this (e.g, in Python programming language) -

>>> server = NitrateXMLRPC(...)
>>> server.user.join('username', 'group_name')


Steps to Reproduce:
1.
2.
3.

Actual results:

Expected results:

Systems authorized will succeed in adding an existing user to an existing group.

Additional info:

This API should only be invoked by an authorized system that authenticated using the kerberos principle, thus obtaining a valid kerberos principle credential as well as the authorization is mandatory and can be assisted with Eng-Ops representatives.

Note You need to log in before you can comment on or make changes to this bug.