-
Story
-
Resolution: Done
-
Critical
-
None
-
None
-
1
-
False
-
-
-
HAC Console Sprint 244, OCM UI Sprint 244b, OCM UI Sprint 245, OCM UI Sprint 246, OCM UI Sprint 247, OCM UI Core Sprint 248, OCM Core Sprint 249, OCM Core Sprint 250, OCM Core Sprint 251, OCM Core Sprint 252, OCM Core Sprint 253, OCMUI Core Sprint 254, OCMUI Core Sprint 255, OCMUI Core Sprint 256, OCMUI Core Sprint 257, OCMUI Core Sprint 258, OCMUI Core Sprint 259, OCMUI Core Sprint 260, OCMUI Core Sprint 261, OCMUI Core Sprint 262, OCMUI Core Sprint 263, OCMUI Core Sprint 264, OCMUI Core Sprint 265
Description of problem:
An org member user has granted with role permission "machine pool editor" for a cluster. But in org member user login session, the UI options under settings tabs are enabled and user allowed to schedule the updates for the same cluster. It is wrong and we should restrict the user only machine pool related action for this role from UI.
How reproducible:
Always
Steps to reproduce:
- Launch OCM UI staging and login as org-admin user.
- Open a ROSA hypershift cluster.
- Go to access control tab > OCM roles and access , click "Grant" button.
- Input Redhat login with a valid user name (ex: use a org-member user)
- Select Role as Machine pool editor and Click on "Grant role".
- Login to OCM UI Staging with the user granted permission in step 4 .
- Select and Open the cluster(same as step 2).
- Go to "Settings" tab and see the update strategy options.
- Try to schedule the update and see the behavior.
Actual results:
The user allowed to schedule cluster update from settings tab wrongly when the user has granted with the role "machine pool editor".
Expected results:
The user should not be allowed to schedule cluster update from settings tab and the role "machine pool editor" should have access related to machine pool requirements.
- is related to
-
OCMUI-2914 Inconsistencies in OCMUI operations with a user granted with only role "machine pool editor"
-
- To Do
-
- mentioned on
