Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-6127

Role manage-users still required for some operations regardless granted permission

    Details

    • Steps to Reproduce:
      Hide

      1. Create a user "ricky". Assign view-users to the user.
      2. Enable permissions to the users.
      3. Configure a User policy that adds ricky as a valid user. Configure this policy for "manage.permission.users", "map-roles.permission.users" and "manage-group-membership.permission.users".

      With this I can just list groups (no edit or create) but in groups I have the following problems:

      • No Add User or Unlock User buttons.
      • And I cannot map-roles or assign-group (that gives me a 403 in the ajax call). Side please test this second point tomorrow, maybe I have something weird in my env.

      The button is only displayed if I add "manager-users" directly to the user.

      Show
      1. Create a user "ricky". Assign view-users to the user. 2. Enable permissions to the users. 3. Configure a User policy that adds ricky as a valid user. Configure this policy for "manage.permission.users", "map-roles.permission.users" and "manage-group-membership.permission.users". With this I can just list groups (no edit or create) but in groups I have the following problems: No Add User or Unlock User buttons. And I cannot map-roles or assign-group (that gives me a 403 in the ajax call). Side please test this second point tomorrow, maybe I have something weird in my env. The button is only displayed if I add "manager-users" directly to the user.
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Gliffy Diagrams

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              pcraveiro Pedro Igor Silva
            • Votes:
              2 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated: