Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

unable to add user to project using UI #9774

Closed
rajujith opened this issue Oct 7, 2024 · 3 comments
Closed

unable to add user to project using UI #9774

rajujith opened this issue Oct 7, 2024 · 3 comments
Assignees
@bernardodemarco
Labels
affects:4.19.1 type:bug
Milestone
4.19.2

Comments

@rajujith
Copy link
Collaborator

rajujith commented Oct 7, 2024

ISSUE TYPE
  • Bug Report
COMPONENT NAME
UI
CLOUDSTACK VERSION
4.19.1.1
CONFIGURATION

Project

SUMMARY

As a normal user, I can add a project and add a user to a project from another account in the same domain, I can't do the same with UI. UI checks the username with listusers which is not allowed for normal users for listing users in other accounts.

STEPS TO REPRODUCE
1. Create a project as a normal user
2. add a user to the project filling the form with the exact username of another user.
EXPECTED RESULTS
UI should allow adding users to project since its allowed via API.
ACTUAL RESULTS
UI doesn't allow adding user to project for normal users.
@DaanHoogland
Copy link
Contributor

@rajujith , I am not sure if allowing users to list users from another account would be a security issue. Maybe you can play with roles to see if it is possible?

@DaanHoogland DaanHoogland added this to the unplanned milestone Nov 8, 2024
@weizhouapache
Copy link
Member

@rajujith , I am not sure if allowing users to list users from another account would be a security issue. Maybe you can play with roles to see if it is possible?

An option could be

  • if the caller (also project admin) is a root admin or domain admin, display the a dropdown with available accounts.
  • if the caller is a regular user, display a text input so that user can input the account name to be added.

@bernardodemarco bernardodemarco self-assigned this Nov 11, 2024
@bernardodemarco bernardodemarco mentioned this issue Nov 14, 2024
Merged
14 tasks
@bernardodemarco bernardodemarco modified the milestones: unplanned, 4.19.2 Dec 4, 2024
@bernardodemarco
Copy link
Collaborator

Closing this ticket since it was fixed by #9927.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bernardodemarco bernardodemarco

Labels
affects:4.19.1 type:bug
Projects
None yet
Milestone
4.19.2
Development

No branches or pull requests
4 participants
@DaanHoogland @rajujith @weizhouapache @bernardodemarco