Actions
Bug #22384
closed
User story #22206: Allow user to define custom roles in rudder-user.xml
Unknown roles must be ignored, not lead to invalid role
Status:
Released
Priority:
N/A
Assignee:
Category:
System integration
Target version:
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:
No
Description
Currently, if a custom-role is defined and it reference unknown permission, then it is ignored.
We want to allow that (and just ignore the unknown permissions) so that, for ex if a role refers perm related to other plugins, the role remains OK even if one of the plugin is not loaded (and so its permission are unknown from Rudder).
This does not create a security risk since our permission are only additive (union based), and there is no "exclude".
Updated by François ARMAND about 1 year ago
- Status changed from New to In progress
Updated by François ARMAND about 1 year ago
- Status changed from In progress to Pending technical review
- Assignee changed from François ARMAND to Vincent MEMBRÉ
- Pull Request set to https://github.com/Normation/rudder/pull/4672
Updated by Anonymous about 1 year ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder|db2a21835b765955b3b0ce86db991352ae354bef.
Updated by Vincent MEMBRÉ about 1 year ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 7.3.0~rc1 which was released today.
Actions