revoke failed: User checked status without read permission
Bug #1612417 reported by
Curtis Hovey
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Fix Released
|
Critical
|
Horacio Durán | ||
juju-ci-tools |
Fix Released
|
Critical
|
Curtis Hovey |
Bug Description
As seen at
http://
After revoking the user's read permission, the user could call status.
This was first seen after a test change and code change. The issue could be in the test and not juju. The QA team will update the test to be clean about which user and which client is being used. This will help identity the steps to reproduce.
Changed in juju-ci-tools: | |
status: | New → Triaged |
importance: | Undecided → Critical |
Changed in juju-core: | |
assignee: | nobody → Horacio Durán (hduran-8) |
Changed in juju-ci-tools: | |
assignee: | nobody → Curtis Hovey (sinzui) |
status: | Triaged → In Progress |
Changed in juju-core: | |
status: | Triaged → In Progress |
Changed in juju-ci-tools: | |
status: | In Progress → Fix Committed |
status: | Fix Committed → Fix Released |
Changed in juju-core: | |
status: | In Progress → Fix Committed |
affects: | juju-core → juju |
Changed in juju: | |
milestone: | 2.0-beta16 → none |
milestone: | none → 2.0-beta16 |
Changed in juju: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
It has been fixed by the adding of permission checking to the facades in http:// reviews. vapour. ws/r/5430/