Werk #12851: Folder/Host permissions: Users could add groups but not remove them afterwards

Komponente WATO
Titel Folder/Host permissions: Users could add groups but not remove them afterwards
Datum 05.08.2021
Checkmk-Editon Checkmk Raw (CRE)
Checkmk-Version 2.0.0p9 2.1.0i1
Level Kleine Änderung
Klasse Bugfix
Kompatibilität Kompatibel - benötigt kein manuelles Eingreifen

Users with the "User" role which are able to manage a folder in "Hosts & folders" can add and remove permissions of contact groups on a folder. These users should only be able to add / remove contact groups they are a member of.

However, in previous releases it was possible to add one group to the permitted groups of a folder he is not a member of. But when trying to remove the group, this was denied because the user is not a member of this group.

The logic has now been changed to provide the user a consistent behaviour: In the moment a user tries to add OR remove a contact group, it is verified that the user is a member of that group. The user can now really only add OR remove groups he is a member of.

Groups which are permitted on this folder and are not modified by the user are not relevant in this situation.

Zur Liste aller Werks