Project

General

Profile

Actions

Bug #22384

closed

User story #22206: Allow user to define custom roles in rudder-user.xml

Unknown roles must be ignored, not lead to invalid role

Added by François ARMAND almost 2 years ago. Updated almost 2 years ago.

Status:
Released
Priority:
N/A
Category:
System integration
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No

Description

Currently, if a custom-role is defined and it reference unknown permission, then it is ignored.
We want to allow that (and just ignore the unknown permissions) so that, for ex if a role refers perm related to other plugins, the role remains OK even if one of the plugin is not loaded (and so its permission are unknown from Rudder).

This does not create a security risk since our permission are only additive (union based), and there is no "exclude".

Actions #1

Updated by François ARMAND almost 2 years ago

  • Description updated (diff)
Actions #2

Updated by François ARMAND almost 2 years ago

  • Status changed from New to In progress
Actions #3

Updated by François ARMAND almost 2 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from François ARMAND to Vincent MEMBRÉ
  • Pull Request set to https://github.com/Normation/rudder/pull/4672
Actions #4

Updated by Anonymous almost 2 years ago

  • Status changed from Pending technical review to Pending release
Actions #5

Updated by Vincent MEMBRÉ almost 2 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 7.3.0~rc1 which was released today.

Actions

Also available in: Atom PDF