hsato03 opened a new pull request, #8639: URL: https://github.com/apache/cloudstack/pull/8639
### Description When calling the `listRoles` API, users can see roles with more permissions than theirs. Therefore, the behavior of the `listRoles` API was changed so that users can only see roles that their role has permission to access (roles with same and less permissions). ### Types of changes - [ ] Breaking change (fix or feature that would cause existing functionality to change) - [ ] New feature (non-breaking change which adds functionality) - [ ] Bug fix (non-breaking change which fixes an issue) - [X] Enhancement (improves an existing feature and functionality) - [ ] Cleanup (Code refactoring and cleanup, that may add test cases) - [ ] build/CI ### Feature/Enhancement Scale or Bug Severity #### Feature/Enhancement Scale - [ ] Major - [X] Minor #### Bug Severity - [ ] BLOCKER - [ ] Critical - [ ] Major - [ ] Minor - [ ] Trivial ### Screenshots (if appropriate): ### How Has This Been Tested? 1. I created a custom role based on User role and added the `listRoles` API to it. 2. I created an account using the role from step 1 and logged into it. 3. I called the `listRoles` API via CloudMonkey and verfied that the roles with more permissions than mine were not listed, such as default admin roles. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
