Project

General

Profile

Actions
Copy link

Bug #4545

closed

Host deletion allowed even though host permissions

Added by Bryce Camp about 10 years ago. Updated about 7 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Users, Roles and Permissions
Target version:
-
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

I created a specific role for my user and assigned everything appropriately. I did leave out two available options for the role: destroy_hosts, console_hosts

My user still has the ability to console and destroy hosts though.

Actions
Copy link
 #1

Updated by Marek Hulán about 10 years ago

  • Category set to Users, Roles and Permissions

What is your foreman version?

Actions
Copy link
 #2

Updated by Bryce Camp about 10 years ago

Foreman version 1.4.0

Actions
Copy link
 #3

Updated by Dominic Cleal about 10 years ago

  • Status changed from New to Feedback

I've tested this on Foreman 1.5, creating a new role without these two permissions and have confirmed that the options are unavailable in the UI and I'm unable to destroy hosts via the API as that user.

We're running a test period for the new auth system in Foreman 1.5 at the moment, so if you have time to try it, please see Auth_testing_for_Foreman_15 for more info.

Actions
Copy link
 #4

Updated by Anonymous about 7 years ago

  • Status changed from Feedback to Resolved

should be resolved with 1.5+

Actions
Copy link

Also available in: Atom PDF