Actions
Bug #24690
closed
Editing user roles overrides tenants in rudder-users.xml file
Pull Request:
Severity:
Major - prevents use of part of Rudder | no simple workaround
UX impact:
I dislike using that feature
User visibility:
Operational - other Techniques | Rudder settings | Plugins
Effort required:
Very Small
Priority:
104
Name check:
To do
Fix check:
Checked
Regression:
No
Description
When editing users roles (removing or adding them) from the user management dashboard, the tenants attribute of the user in the rudder-users.xml file always disappears.
It may lead to security issues (also in the scope of API accounts) : no tenants attribute means that user has access to all tenants.
We need to keep the tenants attribute as is for every user when updating the rudder-users.xml file.
Updated by Clark ANDRIANASOLO 18 days ago
- Status changed from New to In progress
Updated by Clark ANDRIANASOLO 18 days ago
- Status changed from In progress to Pending technical review
- Assignee changed from Clark ANDRIANASOLO to Vincent MEMBRÉ
- Pull Request set to https://github.com/Normation/rudder-plugins/pull/701
Updated by Clark ANDRIANASOLO 16 days ago
- Status changed from Pending technical review to Pending release
Applied in changeset rudder:rudder-plugins|2c069d21df5b976524028ad170b9a2987c4345ef.
Updated by
Updated by Vincent MEMBRÉ 5 days ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder plugin user-management v8.1.1-2.2
Updated by Vincent MEMBRÉ 5 days ago
This bug has been fixed in Rudder plugin user-management v8.1.1-2.2
Actions