Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Major
Fix Version/s: 7.0.0
Affects Version/s: Cheshire-Cat
Component/s: ns_server
Labels:
None

Triage:
Untriaged
Story Points:
1
Is this a Regression?:
Unknown

Description

Couchbase 7.0.0-4678

A user with only the "Manage Collections in Scope" role can create scopes if the role uses a wildcard for the scope.

To reproduce, create a "default" bucket and create a user with the only the "Manage Collections in Scope" role for that bucket, with wildcard for the scope:

Manage Collections in Scope [default:*]

Then create a scope:

curl -X POST -v -u username:password http://localhost:8091/pools/default/buckets/default/collections -d name=newScope

The operation succeeds.

If the role is for a specific scope (like "Manage Collections in Scope [default:someScope]") then scope creation fails with "Forbidden".

Is this the expected behavior?

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

image-2021-03-29-10-10-23-557.png
382 kB
29/Mar/21 10:10 AM

Issue Links

relates to

DOC-7888 SDK Collections Management API

Resolved

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Ritam Sharma

Reporter:: David Nault

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Dates

Created:: 24/Mar/21 10:03 AM

Updated:: 17/Jun/21 2:49 PM

Resolved:: 30/Apr/21 11:46 AM

Gerrit Reviews

There are no open Gerrit changes

Show There is 1 closed Gerrit change

Hide There is 1 closed Gerrit change

MB-45234: Rename / Reword scope_admin role in UI: Gerrit Review:

User with "manage collections in scope" role can create scopes

Details

Description

Attachments

Attachments

Issue Links

Gerrit Reviews

Activity

People

Dates

Gerrit Reviews

PagerDuty