Uploaded image for project: 'Satellite'
  1. Satellite
  2. SAT-30239

User cannot invalidate self token without edit_users permission

XMLWordPrintable

    • 1
    • False
    • Moderate
    • None
    • None
    • None
    • None

      Description of problem:

      User cannot invalidate self token without edit_users permission.

      How reproducible:

      Always

      Is this issue a regression from an earlier version:

      No

      Steps to Reproduce:

      1. Create a non-admin user without any permissions to it and create a token. 

      2. Try invalidating self token of the user using API endpoint. 

      3.

      Actual behavior:
      [

      {   "error": \{"message":"Access denied","details":"Missing one of the required permissions: edit_users","missing_permissions":["edit_users"]}

      }
      ]

      Expected behavior:
      [User can invalidate self token without edit_users permission]

      Business Impact / Additional info:

       

              rh-ee-gisoni Girija Soni
              rhn-support-shwsingh Shweta Singh (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: