Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
Steps to reproduce
1] Create an internal user and make the user delegated admin of any policy.
2] Login with that user and try to read different different policies from URL.
Expected Result : User should be allowed to read only policies for which user has delegated admin rights.
Actual Result : User can read all the policies from URL. Also User can see all policies in a repository as long as user has admin permission to any one policy in that repository (happens in both UI and API)
Attachments
Issue Links
- links to