Technique edit authorizations don't allow technique editor use
When the have the user authorization plugin, admin can access the technique editor, but not an user with rights:
<user name="alice" password="xxx" role="user,deployment_read,deployment_write,directive_read,directive_edit,directive_write,technique_read,technique_edit,technique_write,configuration_read" />
Then, in the Menu the "Utilities" points to
hostname/rudder/secure/utilities/techniqueEditor and I'm getting error 404.
If I go directly to
/rudder/secure/configurationManager/techniqueEditor, it does work.
Moreover, with the less authorized user, creating a technique leads to error:
I have a dead link if I'm logging in with "normal-user" in the Menu the "Utilities" points to hostname/rudder/secure/utilities/techniqueEditor and I'm getting error 404 the /rudder/secure/configurationManager/techniqueEditor does work.
But the technique is actually created or updated!
Updated by François ARMAND 6 months ago
[2019-12-10 14:47:06] ERROR api-processing - Authorization error for 'POST secure/api/ncf': User 'alice' is not allowed to access POST secure/api/ncf [2019-12-10 14:47:06] ERROR com.normation.rudder.rest.RestUtils - "Authorization error: User 'alice' is not allowed to access POST secure/api/ncf" [2019-12-10 14:47:07] INFO com.normation.cfclerk.services.impl.TechniqueRepositoryImpl - Reloading technique library, found modified technique(s): ['test': updated (1.0: VersionUpdated)] [2019-12-10 14:47:08] INFO com.normation.rudder.services.policies.DeployOnTechniqueCallback - Automatic batch update at 2019-12-10T14:47:05.603+01:00