Project

General

Profile

Bug #13416

Rudder system api token only have RO access

Added by Vincent MEMBRÉ 3 months ago. Updated about 2 months ago.

Status:
Released
Priority:
N/A
Category:
API
Target version:
Severity:
User visibility:
Effort required:
Priority:
0

Description

We define a list of ACL for our System api token with access to all api, But, Since #12209, you don't have api-authz plugin this token has only RO access to prevent usage of those accounts when the plugin is not enabled.

Replacing ACL rights by a RW right fix this issue

Associated revisions

Revision bbc91650 (diff)
Added by Vincent MEMBRÉ 3 months ago

Fixes #13416: Rudder system api token only have RO access

History

#1 Updated by Vincent MEMBRÉ 3 months ago

  • Status changed from New to In progress
  • Assignee set to Vincent MEMBRÉ

#2 Updated by Vincent MEMBRÉ 3 months ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Vincent MEMBRÉ to François ARMAND
  • Pull Request set to https://github.com/Normation/rudder/pull/2025

#3 Updated by Vincent MEMBRÉ 3 months ago

  • Status changed from Pending technical review to Pending release

#4 Updated by Vincent MEMBRÉ about 2 months ago

  • Status changed from Pending release to Released
This bug has been fixed in Rudder 4.3.5 and 5.0.1 which were released today.
Changelog
Changelog

Also available in: Atom PDF