History | Log In     View a printable version of the current page.  
   HOME       BROWSE PROJECT       FIND ISSUES   
    QUICK SEARCH:  
Issue Details (XML | Word | Printable)

Key: RHQ-870
Type: Bug Bug
Status: Accepted Accepted
Priority: Major Major
Assignee: Jay Shaughnessy
Reporter: Corey Welton
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
RHQ Project

RHQ users with no defined roles can access listAgents.xhtml

Created: 22/Sep/08 01:06 PM   Updated: 15/Dec/08 10:39 AM
Component/s: Core UI
Affects Version/s: 1.1pre
Fix Version/s: 1.2

Time Tracking:
Not Specified

Date of First Response: 12/Dec/08 11:48 PM
Tester: Corey Welton
VCS Revision: 1,538


 Description  « Hide

Prerequisite:
* create a user that has no roles.

1. Login to RHQ instance
2. go to http://$hostname:7080/rhq/ha/listAgents.xhtml
3. View results

Expected results:
User cannot access the page

Current results:
User can access (although not modify) this page.

Notes:
This behaviour is not uniform with these other pages in the same class:
* listServers.xhtml
* listAffinityGroups.xhtml
* listPartitionEvents.xhtml

All of these, for better or worse, throw an error on the screen. It's not a permission denied, but it still keeps users from accessing the pages. However, the same does not occur with "listAgents.xhtml"




 All   Comments   Work Log   Change History      Sort Order: Ascending order - Click to sort in descending order
[ Permlink | « Hide ]
John Mazzitelli - 12/Dec/08 11:48 PM
need to go through and add appropriate annotations to the SLSB methods

[ Permlink | « Hide ]
John Mazzitelli - 15/Dec/08 10:39 AM
assigning to jay - he wrote the UI and probably knows the permissions the other HAAC pages use so he can duplicate it for this one too


Powered by a free Atlassian JIRA open source license for Hyperic HQ. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.12-#298) - Bug/feature request - Contact Administrators