[
https://issues.apache.org/jira/browse/VCL-857?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14483903#comment-14483903
]
ASF subversion and git services commented on VCL-857:
-----------------------------------------------------
Commit 1671932 from [~arkurth] in branch 'vcl/trunk'
[ https://svn.apache.org/r1671932 ]
VCL-857
Changed logic in utils.pm::get_request_info so that the imagemeta.rootaccess
value is used for members of a server request admin group. This prevents the
non-owner of an image from being able to make a server request and bypass the
image owner's root access setting.
VCL-858
Added check to ensure request user is granted root access if request.forimaging
= 1 and request user is the image owner.
> admin access not granted if owner of server reservation in access user group
> ----------------------------------------------------------------------------
>
> Key: VCL-857
> URL: https://issues.apache.org/jira/browse/VCL-857
> Project: VCL
> Issue Type: Bug
> Components: vcld (backend), web gui (frontend)
> Reporter: Josh Thompson
> Fix For: 2.4.2
>
>
> If a user makes a server reservation and selects a user group for the Access
> User Group of which that user is a member, the user will not be granted admin
> access within the reservation.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
