You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@airavata.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2021/07/13 21:50:00 UTC
[jira] [Commented] (AIRAVATA-3487) BUG: An admin user created a SSH
with READ access and. GRP with MANAGE SHARING for admin group
[ https://issues.apache.org/jira/browse/AIRAVATA-3487?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17380192#comment-17380192 ]
ASF subversion and git services commented on AIRAVATA-3487:
-----------------------------------------------------------
Commit 99e552e216be6654a188a7fa2c09892a37d56de0 in airavata-django-portal's branch refs/heads/staging from Marcus Christie
[ https://gitbox.apache.org/repos/asf?p=airavata-django-portal.git;h=99e552e ]
AIRAVATA-3487 Default write access to passed in GRP object
> BUG: An admin user created a SSH with READ access and. GRP with MANAGE SHARING for admin group
> ----------------------------------------------------------------------------------------------
>
> Key: AIRAVATA-3487
> URL: https://issues.apache.org/jira/browse/AIRAVATA-3487
> Project: Airavata
> Issue Type: Sub-task
> Components: Django Portal
> Environment: https://testdrive.airavata.org/
> Reporter: Eroma
> Assignee: Marcus Christie
> Priority: Major
>
> # An admin group user (eroma2016) created a key with ADMIN users having READ access
> # Then created a GRP, where admin users has MANAGE_SHARING
> # When another admin user logs in (tdaadmin) that user cannot change the key or add new compute resources but when refreshed can do both.
> # Shouldn't this be disabled?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)