Uploaded image for project: 'Mender'
  1. Mender
  2. MEN-4413

RBAC user with device group role only can not log in

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Rejected
    • Priority: (None)
    • Resolution: Won't Do
    • Affects Version/s: None
    • Fix Version/s: None
    • Labels:
    • Days in progress:
      0

      Description

      Please see the attached screenshots, from current HM.

      If you assign a device groups role plus read only you can see the devices but not deploy to them. Is this because the user then is interpreted as only being allowed to Read from this group as well (not deploy)? This might be related to MEN-4356?

      The critical problem right now: How can I give deploy access to one group, and also allowing to log in? If I don't assign Read only it's supposed to work for APIs but I cannot log in. If I do assign read only I can log in but not deploy?

      Acceptance criteria

      • A user with only a "Device group" type of role can log in and create a deployment

        Attachments

        1. 1-define-role.png
          1-define-role.png
          26 kB
        2. 2-assign-role-to-user.png
          2-assign-role-to-user.png
          34 kB
        3. 3-user-logs-in.png
          3-user-logs-in.png
          51 kB
        4. 4-user-not-allowed-group.png
          4-user-not-allowed-group.png
          53 kB
        5. 5-user-not-allowed-device.png
          5-user-not-allowed-device.png
          67 kB

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              a10003 Eystein Maloy Stenberg
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Summary Panel