bug: Permission global:edit_default_branch not enforced when loading a schema #4958
Labels
group/backend
Issue related to the backend (API Server, Git Agent)
type/bug
Something isn't working as expected
Comments
dgarros
added
type/bug
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Component
API Server / GraphQL
Infrahub version
1.0.5
Current Behavior
A user with the global permissions to manage the schema (
global:manage_schema:allow_all) but without the permission to edit the default branch (global:edit_default_branch) is still able to load a new schema in the default branch (main)Expected Behavior
A user without the permission
global:edit_default_branchshouldn't be able to load a schema into the default branchSteps to Reproduce
On a fresh system
Infrahub UsersGeneral Access(default data) and that this role has theglobal:manage_schema:allow_allbut does not have the roleglobal:edit_default_branchinfrahubctlAdditional Information
No response
The text was updated successfully, but these errors were encountered: