Project

General

Profile

Actions

Bug #5875

closed

It should not be possible to delete system directives

Added by Jonathan CLARKE over 7 years ago. Updated over 7 years ago.

Status:
Released
Priority:
2
Category:
Web - Config management
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:

Description

I just managed to delete some system Directives:

This was possible via the Node details screen, in the reports section where all Rules and Directives have an "Edit" icon:

By clicking on this Edit icon, I could delete Directives (but not Rules). I found this in Rudder 3.0 and 2.11 via the Edit icon, but I was also able to do this on Rudder 2.10 by accessing this URL directly: https://rudder-server-name/rudder/secure/configurationManager/directiveManagement#{"directiveId":"inventory-all"}.

I suspect this is actually two bugs:
  1. We should not be able to delete system directives (at the internal API level)
  2. We should not display edit links on any system directives or rules

Since this allows to delete system Directives this is quite a bad bug. However, I don't see that is has security implications, since we can only delete existing Directives, and even then only ones that keep Rudder running, and only as an admin user.


Files

2.png (9.94 KB) 2.png Jonathan CLARKE, 2014-11-29 14:50
3.png (10.5 KB) 3.png Jonathan CLARKE, 2014-11-29 14:50

Related issues 3 (0 open3 closed)

Related to Rudder - Bug #5916: Remove edit link for system directive/rulesReleasedFrançois ARMAND2014-12-04Actions
Related to Rudder - Bug #5915: Error message when trying to delete a system directive is horribleReleasedFrançois ARMAND2014-12-04Actions
Related to Rudder - Bug #5923: System rule are modified when trying to delete a directiveReleasedNicolas CHARLES2014-12-04Actions
Actions #1

Updated by François ARMAND over 7 years ago

I agree with the two bugs, the consistency one being the most important for Rudder, and the UI one being the most important for users

Actions #2

Updated by François ARMAND over 7 years ago

The second bug seems to be an actually different bugs, because it seems to appeared in 2.11 (in 2.10, the link are not here): #5916

Actions #3

Updated by François ARMAND over 7 years ago

  • Pull Request set to https://github.com/Normation/rudder/pull/685
Actions #4

Updated by François ARMAND over 7 years ago

  • Status changed from New to Pending release
  • % Done changed from 0 to 100
Actions #6

Updated by Vincent MEMBRÉ over 7 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 2.10.8 and 2.11.5, which were released today (16/12/14)

Actions

Also available in: Atom PDF