Continuum
  1. Continuum
  2. CONTINUUM-1867

Project group admin should not be able to grant system-wide roles to himself

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.2
    • Fix Version/s: 1.2
    • Component/s: Web - Security
    • Labels:
      None

      Description

      As a project group admin for a single group, I am able to edit my user account and grant any role up to and including system administrator.

      A project group admin should be able to grant the roles for his own project group to other users. He should not be able to elevate his own permissions.

        Issue Links

          Activity

          Wendy Smoak created issue -
          Hide
          Wendy Smoak added a comment -

          Attaching continuum-user-edit.pdf showing all the options available to a user who currently only has a single project group admin role.

          The first page of the user edit form showing the effective roles can be seen attached to CONTINUUM-1865.

          Show
          Wendy Smoak added a comment - Attaching continuum-user-edit.pdf showing all the options available to a user who currently only has a single project group admin role. The first page of the user edit form showing the effective roles can be seen attached to CONTINUUM-1865 .
          Wendy Smoak made changes -
          Field Original Value New Value
          Attachment continuum-user-edit.pdf [ 36793 ]
          Wendy Smoak made changes -
          Fix Version/s 1.2.1 [ 14539 ]
          Hide
          jzurbano added a comment -
          Show
          jzurbano added a comment - Fix in http://jira.codehaus.org/browse/REDBACK-160 will also fix this.
          Wendy Smoak made changes -
          Link This issue depends upon REDBACK-160 [ REDBACK-160 ]
          Hide
          Wendy Smoak added a comment -

          We'll need a new release of Redback to fix this.

          Show
          Wendy Smoak added a comment - We'll need a new release of Redback to fix this.
          Olivier Lamy (*$^¨%`£) made changes -
          Fix Version/s 1.2.1 [ 14539 ]
          Fix Version/s 1.2 [ 13779 ]
          Hide
          Olivier Lamy (*$^¨%`£) added a comment -

          upgrade to redback 1.1.1 done in rev 696596
          Thanks for the fast release

          Show
          Olivier Lamy (*$^¨%`£) added a comment - upgrade to redback 1.1.1 done in rev 696596 Thanks for the fast release
          Olivier Lamy (*$^¨%`£) made changes -
          Status Open [ 1 ] Closed [ 6 ]
          Resolution Fixed [ 1 ]
          Assignee Olivier Lamy [ olamy ]
          Wendy Smoak made changes -
          Link This issue relates to CONTINUUM-1783 [ CONTINUUM-1783 ]
          Mark Thomas made changes -
          Project Import Sun Apr 05 08:36:01 UTC 2015 [ 1428222961749 ]
          Mark Thomas made changes -
          Workflow jira [ 12710520 ] Default workflow, editable Closed status [ 12740227 ]
          Mark Thomas made changes -
          Project Import Sun Apr 05 21:12:18 UTC 2015 [ 1428268338676 ]
          Mark Thomas made changes -
          Workflow jira [ 12947712 ] Default workflow, editable Closed status [ 12985738 ]
          Transition Time In Source Status Execution Times Last Executer Last Execution Date
          Open Open Closed Closed
          16d 9h 52m 1 Olivier Lamy (*$^¨%`£) 18/Sep/08 04:27

            People

            • Assignee:
              Olivier Lamy (*$^¨%`£)
              Reporter:
              Wendy Smoak
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development