Project

General

Profile

Actions
Copy link

Bug #3286

closed

System Rules/Directives/Groups can be cloned/deleted/disabled

Added by Vincent MEMBRÉ about 11 years ago. Updated about 11 years ago.

Status:
Released
Priority:
1
Assignee:
Nicolas CHARLES
Category:
Web - Config management
Target version:
2.3.11
Pull Request:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:

Description

System Rules, Directives, Groups can actually be modified, that shoud not happened.

While working on the API rest on Rules, i was able to Clone Root-DP Rule, to disable it, and they can be deleted.

I accessed the rule in the webapp (secure/configurationManager/ruleManagement#{"ruleId":"root-DP"}) and was able to do the same things.

this is happening in 2.3 too (by accessing secure/configurationManager/configurationRuleManagement#{"crId":"root-DP"})

Those actions should have been prevented by Rudder.

Actions
Copy link

Also available in: Atom PDF