workflow_create auth fix
Reported by Greg Schueler | September 15th, 2011 @ 03:50 PM | in Rundeck 1.3.1 (closed)
Problems:
1. workflow_create doesn't limit creation of a job into a
restricted group.
make sure workflow_create action is required on appropriate job match definition to create a Job/rename a Job
example:
given:
<context project="*">
<command job="*" group="monkey.*" actions="workflow_create"/>
or
rules:
'monkey.*':
actions: [workflow_create]
then Job creation (or rename) is allowed only if the job matches group "monkey.*", and cannot be created in another group.
Comments and changes to this ticket
-
Greg Schueler September 15th, 2011 @ 04:21 PM
(from [886582a1ced76521041dc402658fb053e549ca04]) check workflow_create auth when creating/renaming jobs.
[#437] https://github.com/dtolabs/rundeck/commit/886582a1ced76521041dc4026...
-
Greg Schueler September 19th, 2011 @ 12:18 PM
(from [9df821d4096b558f58fd74a42785898f8a0f9852]) Add tests for workflow_create authorization [#437]
Update ScheduledExecutionController interface to improve testability
https://github.com/dtolabs/rundeck/commit/9df821d4096b558f58fd74a42... -
Greg Schueler September 21st, 2011 @ 02:42 PM
- State changed from new to resolved
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
(DEPRECATED) Please use github issues for issue tracking at http://github.com/dtolabs/rundeck/issues
People watching this ticket
Referenced by
- 437 workflow_create auth fix [#437] https://github.com/dtolabs/rundeck/commit/886582a...
- 437 workflow_create auth fix (from [9df821d4096b558f58fd74a42785898f8a0f9852]) Add tes...