Uploaded image for project: 'Hybrid Cloud Console'
  1. Hybrid Cloud Console
  2. RHCLOUD-30637

Non-admin user has access to RBAC Groups

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • None
    • None
    • RBAC
    • False
    • Hide

      None

      Show
      None
    • False
    • Unset
    • No
    • PlatEx UI Sprint 10, Access & Management Sprint 84, Access & Management Sprint 85, PlatEx UI Sprint 19

      When I log in as a non-admin user (no RBAC permissions) and try to access RBAC, on the Users and Roles pages I receive a message "You do not have access to RBAC" (or something of the sort). However, when I click on Groups I can view the groups. 

      This seems inconsistent, or possibly erroneous. We should investigate and identify if we need to protect Groups.

       

      Environment: Stage (stable), Prod (stable)

      Steps

      1. Log in as non-admin
      2. Navigate to My User Access
      3. Click on Groups

      Actual Result

      User can view Groups, but may see some error toasts pop up. (screencap is from prod stable)

      Expected Result

      Groups should be inaccessible - remove the whole User Access bundle in the navigation for users without permissions

        1. image-2024-01-24-15-07-42-986.png
          85 kB
          Brandon Tweed
        2. image-2024-03-22-09-27-34-551.png
          68 kB
          Brandon Tweed

            fhlavac Filip Hlavac
            btweed@redhat.com Brandon Tweed
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: