You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@vcl.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2015/04/07 21:45:12 UTC
[jira] [Commented] (VCL-857) admin access not granted if owner of
server reservation in access user group
[ https://issues.apache.org/jira/browse/VCL-857?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14483903#comment-14483903 ]
ASF subversion and git services commented on VCL-857:
-----------------------------------------------------
Commit 1671932 from [~arkurth] in branch 'vcl/trunk'
[ https://svn.apache.org/r1671932 ]
VCL-857
Changed logic in utils.pm::get_request_info so that the imagemeta.rootaccess value is used for members of a server request admin group. This prevents the non-owner of an image from being able to make a server request and bypass the image owner's root access setting.
VCL-858
Added check to ensure request user is granted root access if request.forimaging = 1 and request user is the image owner.
> admin access not granted if owner of server reservation in access user group
> ----------------------------------------------------------------------------
>
> Key: VCL-857
> URL: https://issues.apache.org/jira/browse/VCL-857
> Project: VCL
> Issue Type: Bug
> Components: vcld (backend), web gui (frontend)
> Reporter: Josh Thompson
> Fix For: 2.4.2
>
>
> If a user makes a server reservation and selects a user group for the Access User Group of which that user is a member, the user will not be granted admin access within the reservation.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)