You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@airavata.apache.org by "Eroma (Jira)" <ji...@apache.org> on 2019/10/28 19:18:00 UTC

[jira] [Created] (AIRAVATA-3248) BUG: The gateway user in Admin role can view all the SSH keys in personal User Settings

Eroma created AIRAVATA-3248:
-------------------------------

             Summary: BUG: The gateway user in Admin role can view all the SSH keys in personal User Settings
                 Key: AIRAVATA-3248
                 URL: https://issues.apache.org/jira/browse/AIRAVATA-3248
             Project: Airavata
          Issue Type: Sub-task
          Components: Django Portal
    Affects Versions: 0.18
         Environment: https://staging.seagrid.org/
https://django.staging.seagrid.org
            Reporter: Eroma
            Assignee: Marcus Christie
             Fix For: 0.19


1. A user in admin group with admin role logs in to PGA
2. Navigates to User Settings --> Credential Store
3. Can view all the SSH keys in the gateway and can delete any of them (even a key that is not shared with anyone)
4. User in admin group can delete any key, users in admin-read-only can view and delete keys that are shared with the group.
5. Users in gateway user group only see the keys shared with them



--
This message was sent by Atlassian Jira
(v8.3.4#803005)