Project

Profile

Help

Send by e-mail

Story #8160

as a user with 'auth.change_group' permission i can POST /pulp/api/v3/groups/3/users/

Added by dkliban@redhat.com about 1 month ago. Updated 27 days ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
mdellweg
Category:
-
Sprint/Milestone:
3.10.0
Start date:
Due date:
% Done:

100%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

Looks like pulpcore 3.10.0.dev is not providing a default access policy for /pulp/api/v3/groups/<id>/users/ and as a result non-admin users can't modify users in a group using that URL.

Related issues

Copied from Pulp - Story #8159: as a user with 'auth.view_group' permission i can GET /pulp/api/v3/groups/CLOSED - CURRENTRELEASE

<a title="Actions" class="icon-only icon-actions js-contextmenu" href="#">Actions</a>

Associated revisions

Revision 1127e5c6 View on GitHub
Added by mdellweg about 1 month ago

Add RBAC to the group users endpoint

fixes #8160 https://pulp.plan.io/issues/8160

History

#1 Updated by dkliban@redhat.com about 1 month ago

  • Copied from Story #8159: as a user with 'auth.view_group' permission i can GET /pulp/api/v3/groups/ added

#2 Updated by ipanova@redhat.com about 1 month ago

  • Sprint/Milestone set to 3.10.0

#3 Updated by mdellweg about 1 month ago

  • Status changed from NEW to ASSIGNED
  • Assignee set to mdellweg

#4 Updated by mdellweg about 1 month ago

  • Tracker changed from Issue to Story
  • Subject changed from user with 'auth.change_group' permission receives 403 on POST /pulp/api/v3/groups/3/users/ to as a user with 'auth.change_group' permission i can POST /pulp/api/v3/groups/3/users/
  • % Done set to 0
  • Severity deleted (2. Medium)
  • Triaged deleted (No)

#5 Updated by pulpbot about 1 month ago

  • Status changed from ASSIGNED to POST

#6 Updated by mdellweg about 1 month ago

  • Status changed from POST to MODIFIED
  • % Done changed from 0 to 100

#7 Updated by pulpbot 27 days ago

  • Status changed from MODIFIED to CLOSED - CURRENTRELEASE

Please register to edit this issue

Send by e-mail

Also available in: Atom PDF