Red Hat Process Automation Manager / RHPAM-3014

Branch Permission RBAC is not correctly restricting access


Details

    • Bug
    • Resolution: Won't Do
    • Major
    • None
    • 7.7.1.GA
    • AppFormer
    • None

      Semi-Working Reproduction Steps

      • Log in as a user who is mapped to the Business Central "Admin" Role
      • Select a Space and import a Git project that has multiple branches
      • At the Space Level, add a single user name to the Contributors settings and give them the Contributor role
      • At the Project Level, add the same user name to the Contributors settings and give them the Contributor role
      • Open the Settings page and edit Branch Management
      • Select a branch to limit access to.  Remove READ access from the Contributor row, which should remove all other access
      • Log out of the administrator account
      • Log in with a non-admin user who has access to this Space
      • Select the project, and verify that the branch is not shown in the branch list

      Non-Working Reproduction Steps

      • Log in as a user who is not mapped to the Business Central "Admin" Role
      • Select a Space and import a Git project that has multiple branches
      • Open the Settings page and edit Branch Management
      • Select a branch to limit access to.  Remove READ access from the Contributor row, which should remove all other access
      • Log out of the account
      • Log in with a non-admin user who has access to this Space
      • Select the project, and verify that all branches are incorrectly shown in the branch list

    Description

      The branch RBAC permissions described in https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.7/html/configuring_business_central_settings_and_properties/role-based-access are not working as expected.

      As part of our business, we want to restrict read/write access to specified branches, preferably through the built-in Business Central Roles (but that can be a new feature request).

      We want the master branch to be protected so that nobody can write to it, and would prefer it not be readable either.

            People

              r_anand Rishiraj Anand
              rhn-support-roribeiro Rodrigo Ribeiro (Inactive)