Loading...

This issue belongs to an archived project. You can view it, but you can't modify it. Learn more

XML

Word

Printable

Type: Task
Resolution: Done
Priority: Undefined
Fix Version/s: None
Affects Version/s: None
Component/s: UI
Labels:
- ready-for-ui

Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Acceptance Criteria:
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Problem Description: Users with group permissions can visit `/ui/roles` and /ui/roles/create` which results in permission error.

Reproduce:
1. create user `testuser`
2. create group `testgroup`
3. add `testuser` to `testgroup`
4. assign the existing role `galaxy.group_admin` to `testgroup` (or create a role with group permission `View group` and assign it to `testgroup`)
5. login as `testuser`
6. visit `/ui/roles` or `/ui/roles/create`

Proposed Solution: Users shouldn't be able to visit `/ui/roles` and /ui/roles/create`, only the superuser and admin should be able to do this. The user should be redirected to the `You do not have permission to perform this action` screen. Menu item `Roles` in the sidebar should be hidden as well.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

Screenshot from 2022-06-07 02-28-08.png
2022/06/07 12:37 AM
60 kB
Jiri Jerabek
Screenshot from 2022-06-07 02-36-53.png
2022/06/07 12:37 AM
144 kB
Jiri Jerabek

mentioned on

Merge request - Updated 2 upstream sources

Merge request - Updated US source to: 4a27ed1 Feature/rbac roles (#2239)

Assignee:: Jiri Jerabek

Reporter:: Jiri Jerabek

Archiver:: Raju Anumula

Created:: 2022/06/07 12:34 AM

Updated:: 2022/09/21 9:23 PM

Resolved:: 2022/09/14 12:10 PM

Archived:: 2025/10/02 3:36 PM

Details

Description

Attachments

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

PagerDuty