-
Bug
-
Resolution: Done
-
Critical
-
None
-
quay-v3.16.0
-
False
-
-
False
-
-
Description of problem:
In quay 3.16.0, the super user failed to take ownership of the organization created by the ordinary user
Version-Release number of selected component (if applicable):
quay.io/redhat-user-workloads/quay-eng-tenant/stable-3-16-v4-19@sha256:603c1a0f53a59687e2253c93715742cd5fa0bd2723090bf929382dec2e00fd90 ------------------------------ $ oc get $(oc get pod -l name=quay-operator-alm-owned -o name -n quay-enterprise) -o jsonpath='{.spec.containers[0].image}' -n quay-enterprise registry.redhat.io/quay/quay-operator-rhel9@sha256:6784976c0c1aa2de10801b9750d7b883d22d408084dccbe4dc829c5eeb4ecacb ------------------------------ $ oc get $(oc get pod -l app=quay -o NAME -n quay-enterprise|head -n 1) -o jsonpath='{.spec.containers[0].image}' -n quay-enterprise registry.redhat.io/quay/quay-rhel9@sha256:c8dd61bf436a7ff965cc839ff7217e85dbcf04b0001daf6ca7f5ee917ae699e9 ------------------------------ $ oc get quayregistry -o jsonpath='{.items[0].status.currentVersion}' -n quay-enterprise 3.16.0
Steps to reproduce:
1. Create a super user 'whuquay' and a ordinary 'user1'
2. Log in with ordinary user 'user1' and create a organization 'user1_org1'
3. Log in with super user 'whuquay' and take ownership of 'user1_org1'
4. log in with ordinary user 'user1' again and check if 'user1_org1' exist
Actual results
The ordinary user 'user1' still can access and operate the organization 'user1_org1'.
Expected results
After super user take the ownership of an organization created by a ordinary user, this user can't access this organization again.
Additional info
After super user take the ownership of a ordinary user. this user can't log in quay again.
Quay 3.15.2 has the same issue, after super user take the ownership of an organization created by a ordinary user, this user still can access this organization.
