Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-4996

Viewer role able to create/delete queues and messages via Hawtio

    XMLWordPrintable

Details

    • % %
    • Hide

      1) Create a user in etc/users.properties with only the viewer role
      2) Start the container
      3) Login to the Hawtio with the user having only the viewer role
      4) Select the ActiveMQ view
      5) Using a client, connect to the broker to create a new queue
      6) In Hawtio, observe the user with the viewer role can now create additional queues and delete the queue created
      7) Logout of the Hawtio
      8) Login to the Hawtio with the user with only the viewer role
      9) Select the ActiveMQ view
      10) Observe the user no longer has access to create or delete queues
      11) Create an additional queue with the client
      12) Observe the user in Hawtio can again create and delete queues

      Using similar steps the user with the viewer role can also delete messages from queues

      Show
      1) Create a user in etc/users.properties with only the viewer role 2) Start the container 3) Login to the Hawtio with the user having only the viewer role 4) Select the ActiveMQ view 5) Using a client, connect to the broker to create a new queue 6) In Hawtio, observe the user with the viewer role can now create additional queues and delete the queue created 7) Logout of the Hawtio 8) Login to the Hawtio with the user with only the viewer role 9) Select the ActiveMQ view 10) Observe the user no longer has access to create or delete queues 11) Create an additional queue with the client 12) Observe the user in Hawtio can again create and delete queues Using similar steps the user with the viewer role can also delete messages from queues
    • 6.3 Sprint 4 (Mar 28 - Apr 29)

    Description

      A user with viewer role is capable of creating and deleting AMQ queues via Hawtio. This issue becomes apparent after a new queue is created from a client connected to the broker and when the Hawtio UI refreshes to display the new queue. After the refresh of Hawtio, the create queue and delete queue options are enabled. If the user logs out and logs back in the options are no longer available.

      Attachments

        Issue Links

          is related to

          Bug - A problem that impairs or prevents the functions of the product. ENTESB-5622 User with Read-only privilege can delete/move messages through hawtio

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          relates to

          Bug - A problem that impairs or prevents the functions of the product. ENTESB-4892 "viewer" has some rights unexpected in hawtio

          • Critical - To be worked on immediately following BLOCKER issues.
          • Closed

          Bug - A problem that impairs or prevents the functions of the product. ENTESB-4055 Improve Hawt.io Performance

          • Minor - To be worked after urgent, high, and medium priorities are resolved. This term is chosen when the severity of the issue is low, or the complexity or effort to correct it may be higher, relatively speaking. For low priority issues, known workarounds exist or are not needed due to the trivial effort needed to address the issue.
          • Closed

          Enhancement - An enhancement to or refactoring of existing functionality that is not configurable by an end user (typically a change made by an internal team that affects users) ENTESB-1522 UI support for the role based permissions

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              rhn-support-tasato Tadayoshi Sato
              rhn-support-jsherman Jason Sherman
              Votes:
              1 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: