Werk #951: table servicegroups: fixed service visibility when using group_authorization AUTH_STRICT
| Component | Livestatus |
| Title | table servicegroups: fixed service visibility when using group_authorization AUTH_STRICT |
| Date | Jul 10, 2014 |
| Checkmk Editon | Checkmk Raw (CRE) |
| Checkmk Version | 1.2.5i5 |
| Level | Trivial Change |
| Class | Bug Fix |
| Compatibility | Compatible - no manual interaction needed |
This only applies with the setting group_authorization = AUTH_STRICT
When an auth user was given the livestatus table servicegroups did not check if the auth user had permissions to all objects of the servicegroup. As a result the user was able to view servicegroups, even if he was not a contact for every object in it. However, the "forbidden" object itself was not returned, just a subset of the group. This was incorrect. The user needs to be contact of every element in this group. Otherwise he should not see the group at all..