-
Notifications
You must be signed in to change notification settings - Fork 258
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Restrict user profile write acces to owner and super user #688
Conversation
88c41c5
to
271b83b
Compare
/ost |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@rszwajko LGTM
The only missing part is handling the UI side for the new account settings tab by displaying a popup error message in case of a non superuser trying to delete for someone else, e.g.
@sgratch |
The functionality can be tested without PR #130 via REST API
Example result:
|
@rszwajko other such errors of "User is not authorized to perform this action" generated by the Administration->Users dialog are displayed using a popup error message. Why not running the same for this new tab? |
This comment applies to error handling in PR #130. In March we discussed this topic and apart of wording there were no issues raised. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@rszwajko comments regarding the tests, except that LGTM
...odules/bll/src/test/java/org/ovirt/engine/core/bll/RemoveUserProfilePropertyCommandTest.java
Show resolved
Hide resolved
...odules/bll/src/test/java/org/ovirt/engine/core/bll/UpdateUserProfilePropertyCommandTest.java
Show resolved
Hide resolved
...ager/modules/bll/src/main/java/org/ovirt/engine/core/bll/validator/UserProfileValidator.java
Outdated
Show resolved
Hide resolved
...ager/modules/bll/src/main/java/org/ovirt/engine/core/bll/validator/UserProfileValidator.java
Outdated
Show resolved
Hide resolved
1f4af9f
to
13a5850
Compare
13a5850
to
8509718
Compare
/ost |
/ost |
Before, every admin user has full write access to user profiles of other users.
After this patch only super users will be able to modify user profiles of other users.
Admin users will have read only access.