Uploaded image for project: 'Automation Hub'
  1. Automation Hub
  2. AAH-1698

Add permission check for roles and create role screens

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • UI
    • False
    • Hide

      None

      Show
      None
    • False

      Problem Description: Users with group permissions can visit `/ui/roles` and /ui/roles/create` which results in permission error.

      Reproduce:
      1. create user `testuser`
      2. create group `testgroup`
      3. add `testuser` to `testgroup`
      4. assign the existing role `galaxy.group_admin` to `testgroup` (or create a role with group permission `View group` and assign it to `testgroup`)
      5. login as `testuser`
      6. visit `/ui/roles` or `/ui/roles/create`

      Proposed Solution: Users shouldn't be able to visit `/ui/roles` and /ui/roles/create`, only the superuser and admin should be able to do this. The user should be redirected to the `You do not have permission to perform this action` screen. Menu item `Roles`  in the sidebar should be hidden as well.

        1. Screenshot from 2022-06-07 02-28-08.png
          Screenshot from 2022-06-07 02-28-08.png
          60 kB
        2. Screenshot from 2022-06-07 02-36-53.png
          Screenshot from 2022-06-07 02-36-53.png
          144 kB

              jjerabek@redhat.com Jiri Jerabek
              jjerabek@redhat.com Jiri Jerabek
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: