You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Prachi Damle (JIRA)" <ji...@apache.org> on 2014/04/17 02:09:14 UTC
[jira] [Resolved] (CLOUDSTACK-6348) IAM - Regular User is not able
to change password.
[ https://issues.apache.org/jira/browse/CLOUDSTACK-6348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Prachi Damle resolved CLOUDSTACK-6348.
--------------------------------------
Resolution: Fixed
Changes:
- Linked the user operations to Account entittyType in the code.
- This makes IAM load the 'OperateEntry' permission on an Account entity for a normal user
- This will allow the operation that failed
> IAM - Regular User is not able to change password.
> --------------------------------------------------
>
> Key: CLOUDSTACK-6348
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6348
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Components: Management Server
> Affects Versions: 4.4.0
> Reporter: Sangeetha Hariharan
> Assignee: Prachi Damle
> Priority: Critical
> Fix For: 4.4.0
>
>
> Steps to reproduce the problem:
> As regular user , try to change password.
> Following error message is presented to the user:
> Acct[eb54ae7f-c932-4513-aab6-984f03f9df41-test] does not have permission to access resource Acct[eb54ae7f-c932-4513-aab6-984f03f9df41-test]
> Management server log:
> 2014-04-07 10:43:58,185 DEBUG [c.c.a.ApiServlet] (catalina-exec-4:ctx-3b2e2f03) ===START=== 10.215.3.0 -- POST command=updateUser&response=json&sessionkey=P7c7ohM5rOC6mJLLima8CXlOAho%3D
> 2014-04-07 10:43:58,204 DEBUG [o.a.c.i.RoleBasedEntityAccessChecker] (catalina-exec-4:ctx-3b2e2f03 ctx-8030779f) Account Acct[eb54ae7f-c932-4513-aab6-984f03f9df41-test] does not have permission to access resource Acct[eb54ae7f-c932-4513-aab6-984f03f9df41-test] for access type: OperateEntry
> 2014-04-07 10:43:58,211 INFO [c.c.a.ApiServer] (catalina-exec-4:ctx-3b2e2f03 ctx-8030779f) PermissionDenied: Acct[eb54ae7f-c932-4513-aab6-984f03f9df41-test] does not have permission to access resource Acct[eb54ae7f-c932-4513-aab6-984f03f9df41-test] on objs: []
> 2014-04-07 10:43:58,212 DEBUG [c.c.a.ApiServlet] (catalina-exec-4:ctx-3b2e2f03 ctx-8030779f) ===END=== 10.215.3.0 -- POST command=updateUser&response=json&sessionkey=P7c7ohM5rOC6mJLLima8CXlOAho%3D
--
This message was sent by Atlassian JIRA
(v6.2#6252)