Project

General

Profile

Actions

Bug #3286

closed

System Rules/Directives/Groups can be cloned/deleted/disabled

Added by Vincent MEMBRÉ over 11 years ago. Updated over 11 years ago.

Status:
Released
Priority:
1 (highest)
Category:
Web - Config management
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:

Description

System Rules, Directives, Groups can actually be modified, that shoud not happened.

While working on the API rest on Rules, i was able to Clone Root-DP Rule, to disable it, and they can be deleted.

I accessed the rule in the webapp (secure/configurationManager/ruleManagement#{"ruleId":"root-DP"}) and was able to do the same things.

this is happening in 2.3 too (by accessing secure/configurationManager/configurationRuleManagement#{"crId":"root-DP"})

Those actions should have been prevented by Rudder.

Actions #1

Updated by François ARMAND over 11 years ago

  • Status changed from New to 8
  • Assignee set to François ARMAND

That have to be prevented at the item repository level.

Actions #2

Updated by François ARMAND over 11 years ago

When autorisation will be there, we will have to tag 'system' items, and apply them a specific authorization (that only Rudder code will have - or will be able to add in the method request).

Actions #3

Updated by François ARMAND over 11 years ago

  • Status changed from 8 to Pending technical review
  • Assignee changed from François ARMAND to Nicolas CHARLES
Actions #4

Updated by François ARMAND over 11 years ago

  • Status changed from Pending technical review to Pending release
  • % Done changed from 0 to 100
Actions #6

Updated by Matthieu CERDA over 11 years ago

  • Status changed from Pending release to Released

This ticket has been adressed in the 2.3.11 release of Rudder.

The ChangeLog is available here: http://www.rudder-project.org/foswiki/bin/view/System/Documentation:ChangeLog23

Actions

Also available in: Atom PDF