Details
-
Task
-
Resolution: Done
-
Major
-
None
-
False
-
None
-
False
-
Release Note Not Required
Description
We need to create a test case to fill this condition: https://issues.redhat.com/browse/OSSM-3567
Tested manually first with these scenarios:
- If the user foo tries to add a member to the SMMR will receive a notification that is not allowed due to permissions:
admission webhook "smmr.validation.maistra.io" denied the request: user 'foo' does not have permission to access namespace(s): [bookinfo]
- If tries to add ‘*’ will receive a notification also:
admission webhook "smmr.validation.maistra.io" denied the request: only users that are allowed to update pods at the cluster scope are allowed to use wildcards or member selectors; user foo does not have that permission
- But if he updates with and namespace with privileges he will be able to update