Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unprivileged users can access execution api actions #472

Merged
merged 1 commit into from
Jul 29, 2013
Merged

Unprivileged users can access execution api actions #472

merged 1 commit into from
Jul 29, 2013

Conversation

sfdc-kho
Copy link
Contributor

We have a deployment user with aclpolicy:

description: API Application level access control
context:
  application: 'rundeck'
for:
  resource:
    - equals:
        kind: system
      allow: [read] # allow read of system info
by:
  group: deploy_user

When we login to the rundeck UI with this user, we immediately are hit with this message:

No authorized access to projects. Contact your administrator. (User roles: deploy_user, user)

But when I try http://localhost:4440/api/1/execution/32, I can see the execution output.

After change:

HTTP/1.1 403 Forbidden
<result error='true' apiversion='8'><error><message>Not authorized for action "read" for Execution 32</message></error></result>

@gschueler
Copy link
Member

👍 thanks

gschueler added a commit that referenced this pull request Jul 29, 2013
@gschueler
Merge pull request #472 from forcedotcom/authorization
1c2cda7 
Unprivileged users can access execution api actions
@gschueler gschueler merged commit 1c2cda7 into rundeck:development Jul 29, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.6.0
Development

Successfully merging this pull request may close these issues.
2 participants
@sfdc-kho @gschueler