https://issues.rudder.io/https://issues.rudder.io/themes/rudder7/favicon/favicon.ico?17096450182022-08-25T16:37:15ZIssue TrackerRudder - Bug #21638: The rules page does not work with a "configuration role"https://issues.rudder.io/issues/21638?journal_id=1602442022-08-25T16:37:15ZAlexis Moussetalexis.mousset@rudder.io
<ul><li><strong>Regression</strong> changed from <i>Yes</i> to <i>No</i></li></ul> Rudder - Bug #21638: The rules page does not work with a "configuration role"https://issues.rudder.io/issues/21638?journal_id=1672822023-04-06T13:09:00ZFrançois ARMANDfrancois.armand@rudder.io
<ul><li><strong>Description</strong> updated (<a title="View differences" href="/journals/167282/diff?detail_id=222547">diff</a>)</li><li><strong>Target version</strong> set to <i>7.2.6</i></li><li><strong>Severity</strong> set to <i>Major - prevents use of part of Rudder | no simple workaround</i></li><li><strong>UX impact</strong> set to <i>I hate Rudder for that</i></li><li><strong>User visibility</strong> set to <i>First impressions of Rudder</i></li><li><strong>Effort required</strong> set to <i>Medium</i></li><li><strong>Priority</strong> changed from <i>0</i> to <i>118</i></li></ul><p>The problem is that the configuration role should actually not be allowed to these API since it is intended to only access and act on "configuration" section, ie nothing node related. In previous times, it didn't happen because authorization check were done in liftweb.</p>
<p>The solution would be to create dedicated internal API that merge in the backend all call into one and have the correct permissions for that role.</p>
<p>More precisely:</p>
<p>- <code>GET secure/api/compliance/rules</code>: (access to compliance by rule) perhaps this one should be allowed for configuration <br />- <code>GET secure/api/groups/tree</code>: (info on groups, group prop, nodes on groups, etc) this one is clearly not in the current definition of the role<br />- <code>GET secure/api/nodes</code>: (info on nodes, node inventory, inventory, etc): should remain forbidden<br />- <code>GET secure/api/changes</code>: (info on rule changes): this one should be authorized<br />- <code>GET secure/api/settings/{key}</code>: access on config value: should remain forbidden</p> Rudder - Bug #21638: The rules page does not work with a "configuration role"https://issues.rudder.io/issues/21638?journal_id=1676362023-04-20T16:55:01ZFrançois ARMANDfrancois.armand@rudder.io
<ul><li><strong>Assignee</strong> set to <i>Vincent MEMBRÉ</i></li><li><strong>Priority</strong> changed from <i>118</i> to <i>117</i></li></ul> Rudder - Bug #21638: The rules page does not work with a "configuration role"https://issues.rudder.io/issues/21638?journal_id=1680932023-05-03T07:52:46ZVincent MEMBRÉvme@rudder.io
<ul><li><strong>Target version</strong> changed from <i>7.2.6</i> to <i>7.2.7</i></li><li><strong>Priority</strong> changed from <i>117</i> to <i>116</i></li></ul> Rudder - Bug #21638: The rules page does not work with a "configuration role"https://issues.rudder.io/issues/21638?journal_id=1686442023-05-16T09:18:33ZVincent MEMBRÉvme@rudder.io
<ul><li><strong>Target version</strong> changed from <i>7.2.7</i> to <i>7.2.8</i></li><li><strong>Priority</strong> changed from <i>116</i> to <i>115</i></li></ul> Rudder - Bug #21638: The rules page does not work with a "configuration role"https://issues.rudder.io/issues/21638?journal_id=1700072023-06-29T14:42:29ZVincent MEMBRÉvme@rudder.io
<ul><li><strong>Target version</strong> changed from <i>7.2.8</i> to <i>7.2.9</i></li><li><strong>Priority</strong> changed from <i>115</i> to <i>112</i></li></ul> Rudder - Bug #21638: The rules page does not work with a "configuration role"https://issues.rudder.io/issues/21638?journal_id=1713442023-07-20T17:16:24ZVincent MEMBRÉvme@rudder.io
<ul><li><strong>Target version</strong> changed from <i>7.2.9</i> to <i>7.2.10</i></li><li><strong>Priority</strong> changed from <i>112</i> to <i>111</i></li></ul> Rudder - Bug #21638: The rules page does not work with a "configuration role"https://issues.rudder.io/issues/21638?journal_id=1724082023-08-10T12:20:50ZAlexis Moussetalexis.mousset@rudder.io
<ul><li><strong>Target version</strong> changed from <i>7.2.10</i> to <i>7.2.11</i></li><li><strong>Priority</strong> changed from <i>111</i> to <i>110</i></li></ul> Rudder - Bug #21638: The rules page does not work with a "configuration role"https://issues.rudder.io/issues/21638?journal_id=1740332023-09-13T07:14:42ZVincent MEMBRÉvme@rudder.io
<ul><li><strong>Target version</strong> changed from <i>7.2.11</i> to <i>1046</i></li><li><strong>Priority</strong> changed from <i>110</i> to <i>109</i></li></ul> Rudder - Bug #21638: The rules page does not work with a "configuration role"https://issues.rudder.io/issues/21638?journal_id=1753972023-10-12T12:55:10ZAlexis Moussetalexis.mousset@rudder.io
<ul><li><strong>Target version</strong> changed from <i>1046</i> to <i>7.3.8</i></li></ul> Rudder - Bug #21638: The rules page does not work with a "configuration role"https://issues.rudder.io/issues/21638?journal_id=1767882023-10-27T15:00:47ZVincent MEMBRÉvme@rudder.io
<ul><li><strong>Target version</strong> changed from <i>7.3.8</i> to <i>7.3.9</i></li></ul> Rudder - Bug #21638: The rules page does not work with a "configuration role"https://issues.rudder.io/issues/21638?journal_id=1773352023-11-07T10:09:06ZVincent MEMBRÉvme@rudder.io
<ul><li><strong>Target version</strong> changed from <i>7.3.9</i> to <i>7.3.10</i></li></ul> Rudder - Bug #21638: The rules page does not work with a "configuration role"https://issues.rudder.io/issues/21638?journal_id=1785972023-12-13T00:09:09ZVincent MEMBRÉvme@rudder.io
<ul><li><strong>Target version</strong> changed from <i>7.3.10</i> to <i>7.3.11</i></li></ul> Rudder - Bug #21638: The rules page does not work with a "configuration role"https://issues.rudder.io/issues/21638?journal_id=1802092024-01-31T15:27:17ZVincent MEMBRÉvme@rudder.io
<ul><li><strong>Target version</strong> changed from <i>7.3.11</i> to <i>7.3.12</i></li></ul> Rudder - Bug #21638: The rules page does not work with a "configuration role"https://issues.rudder.io/issues/21638?journal_id=1814082024-02-28T14:19:36ZVincent MEMBRÉvme@rudder.io
<ul><li><strong>Target version</strong> changed from <i>7.3.12</i> to <i>7.3.13</i></li></ul> Rudder - Bug #21638: The rules page does not work with a "configuration role"https://issues.rudder.io/issues/21638?journal_id=1822932024-03-10T23:45:29ZVincent MEMBRÉvme@rudder.io
<ul><li><strong>Target version</strong> changed from <i>7.3.13</i> to <i>7.3.14</i></li></ul>