Details
-
Bug
-
Resolution: Done
-
Critical
-
None
-
2.7 GA
-
Not Started
-
Not Started
-
Not Started
-
Not Started
-
Not Started
-
Not Started
-
+
Description
An Admin user in member role who has been granted access to all the permissions cannot access Backend. Specifically,
This scenario is from the original issue, THREESCALE-4489, and is taken care of there.
-Scenario 1 -
1. Login into the admin portal as user in a "member" role of the 3scale account.
2. Select a product from the Product/Backend menu at the top. Examle select Product: Test
3. Click on the "Integration" on the lhs
4. Click on Backends from the Drop down menu. This will result in an "Access Denied" page being displayed.instead of a page that can be used to add backends or edit an existing backend as would be the case for a user in an admin role.
Scenario 2
1. Login into the admin portal as a user in the "member" role the 3scale account.
2. Select a Backend from the top menu. Example. "Test Backend"
3. This will result in an Access Denied instead of displaying a page that allows editing of Backend.
Use case for providing member access:
An admin creates an API Service and then granted the rights to it to a Member so that they can set up the API. With the change in 2.7 to Product and Backend, the Member doesn't have the ability to change the Backend, say if the hostname changes; the Member will have to request the Admins to change the Backend or create a new one. But even if the admin creates a new one, it looks like the Member with access to the Product cannot change the Backend section of the Product, so the Member would still be relying on the Admin to make these changes.
Attachments
Issue Links
- clones
-
-
- Closed
-
- is related to
-
-
- Closed
-
