Eroma created AIRAVATA-2843:
-------------------------------
Summary: User who are in gateway-user role (who should be in
gateway-user group) can access admin interfaces
Key: AIRAVATA-2843
URL: https://issues.apache.org/jira/browse/AIRAVATA-2843
Project: Airavata
Issue Type: Bug
Components: Django Portal
Environment: https://django.seagrid.org/
Reporter: Eroma
Assignee: Marcus Christie
Logged in to Django portal with a user who is in gateway-user role in
[https://dev.seagrid.org|https://dev.seagrid.org/].
This user can move to admin space.
Add application button is enable and can enter application details and click
save (error is thrown at saving but its confusing).
Similar to above can go ahead and try enter details for group resource profile
adding and credential store key generation.
All the above need to be restricted at the earliest point possible, e.g.
disable the buttons to initiate above tasks.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
