#9594 topologysegment commands cannot be delegated
Closed: fixed 8 months ago by rcritten. Opened 8 months ago by rcritten.

Issue

There are no permissions defined for topologysegment commands so they cannot be delegated to a user not in the admins group.

Steps to Reproduce

  1. Add a user to the 'Security Architect' role (has Replication Administrators privilege)
  2. kinit as the user
  3. ipa topologysegment-find domain

Actual behavior

No topology is shown

Expected behavior

Topology for domain and ca suffixes are visible.


Metadata Update from @rcritten:
- Custom field rhbz adjusted to https://issues.redhat.com/browse/RHEL-37285

8 months ago

master:

  • 6fc3515 Add permissions for topologysegment

ipa-4-11:

  • d29eb6d Add permissions for topologysegment

ipa-4-10:

  • a51a51f Add permissions for topologysegment

ipa-4-9:

  • dc98332 Add permissions for topologysegment

Metadata Update from @rcritten:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

8 months ago

master:

  • 6b26a4e Add iparepltopoconf objectclass to topology permissions

ipa-4-12:

  • ebccaac Add iparepltopoconf objectclass to topology permissions

ipa-4-11:

  • 15dde65 Add iparepltopoconf objectclass to topology permissions

ipa-4-10:

  • bbe5e18 Add iparepltopoconf objectclass to topology permissions

ipa-4-9:

  • 16a8aa0 Add iparepltopoconf objectclass to topology permissions

Metadata Update from @rcritten:
- Custom field changelog adjusted to RBAC have been added to read, modify, add and remove replication topology segments.

5 months ago

Log in to comment on this ticket.

Metadata