[dev.icinga.com #3880] All privileges are dropped in some cases a user is deleted

[icinga-migration]

This issue has been migrated from Redmine: https://dev.icinga.com/issues/3880

Created by chris on 2013-03-20 13:53:49 +00:00

Assignee: mfrosch
Status: Resolved (closed on 2013-03-25 14:56:40 +00:00)
Target Version: 1.8.3
Last Update: 2013-03-25 14:56:40 +00:00 (in Redmine)

Icinga Version: 1.8.4
Icinga Web Version: 1.8.2
IDO Version: 1.8.4
OS Version: Redhat 6.3
DB Type: PostgreSQL
DB Version: 8.4.13
Browser Version: 18.0.1

---

Create a new user (test) -> Add all roles to the new user (without role guest) -> logout -> Login as the new user (test) -> Remove the new user (test) (himself) -> logout -> Login as admin (e.g. root) -> "You do not have sufficient credentials to access this page"

All rights are removed from the others users.

Attachments

• clean.dump chris - 2013-03-21 10:10:19 +00:00 - Clean Database after installation
• user-exist-with-login.dump chris - 2013-03-21 10:10:19 +00:00 - New user created - logged in one time
• new-user-removed-broken.dump chris - 2013-03-21 10:10:19 +00:00 - After root removed the new user - broken

Changesets

2013-03-25 14:53:49 +00:00 by mfrosch 5f3bde7

Disabling all caching of permissions for a user (refs #3880)

When deleting a user from the system all permissions of the logged
in user got deleted - including the permissions from his groups.

2013-03-25 15:17:31 +00:00 by mfrosch c1dab80

Disabling all caching of permissions for a user (refs #3880)

When deleting a user from the system all permissions of the logged
in user got deleted - including the permissions from his groups.

---

Relations:

• relates #3880

[icinga-migration]

Updated by chris on 2013-03-21 10:10:19 +00:00

• File added clean.dump
• File added user-exist-with-login.dump
• File added new-user-removed-broken.dump

The problem is also present if the new user is deleted by an other admin.

All privileges get lost!

[icinga-migration]

Updated by mfrosch on 2013-03-25 14:52:45 +00:00

• Status changed from New to Assigned
• Assigned to set to mfrosch

This problem has been introduced by the caching of user permissions.

Basically on deletion of a user the permissions of the logged in user will be removed (include the permissions of the groups the user is in).

Very nasty :(

Disabling the caching there!

[icinga-migration]

Updated by mfrosch on 2013-03-25 14:56:40 +00:00

• Status changed from Assigned to Resolved
• Done % changed from 0 to 100

Merged into r1.8