[
https://issues.apache.org/jira/browse/ARTEMIS-5910?focusedWorklogId=1006658&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-1006658
]
ASF GitHub Bot logged work on ARTEMIS-5910:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 23/Feb/26 13:08
Start Date: 23/Feb/26 13:08
Worklog Time Spent: 10m
Work Description: brusdev opened a new pull request, #172:
URL: https://github.com/apache/artemis-console/pull/172
Many of the tabs on the web console show up even though the user doesn't
have permission to execute the command corresponding to the tab. For example
the "Connections" tab shows up even though the user can't execute the
`listConnections` management operation.
Issue Time Tracking
-------------------
Worklog Id: (was: 1006658)
Remaining Estimate: 0h
Time Spent: 10m
> Web console tabs no longer respect user permissions
> ---------------------------------------------------
>
> Key: ARTEMIS-5910
> URL: https://issues.apache.org/jira/browse/ARTEMIS-5910
> Project: Artemis
> Issue Type: Bug
> Components: Web Console
> Reporter: Domenico Francesco Bruscino
> Assignee: Domenico Francesco Bruscino
> Priority: Major
> Labels: pull-request-available
> Time Spent: 10m
> Remaining Estimate: 0h
>
> The fix originally implemented in ARTEMIS-4265 to ensure web console tabs are
> conditionally displayed based on user permissions has regressed in the web
> console released in Apache Artemis 2.40.0. While the original fix
> successfully used RBAC to hide or show UI tabs like Queues, Addresses, and
> Sessions based on a user's specific roles, the web console in version 2.40.0
> no longer honors these security constraints.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
