[
https://issues.apache.org/jira/browse/CLOUDSTACK-7283?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alena Prokharchyk updated CLOUDSTACK-7283:
------------------------------------------
Description: Since normal-user role can have access to listAccounts API
that returns user info + he can update users info by calling updateUser, he
should have an access to listUsers API. The response should return his user
info only. Other users belonging to the same user's account, shouldn't be
returned. (was: Since normal-user role can have access to listAccounts API
that returns user info + he can update users info by calling updateUser, he
should have an access to listUsers API. The response should return his account
info only.)
> Allow regular user to execute listUsers API call
> ------------------------------------------------
>
> Key: CLOUDSTACK-7283
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-7283
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: API, Doc
> Affects Versions: 4.5.0
> Reporter: Alena Prokharchyk
> Assignee: Radhika Nair
> Fix For: 4.5.0
>
>
> Since normal-user role can have access to listAccounts API that returns user
> info + he can update users info by calling updateUser, he should have an
> access to listUsers API. The response should return his user info only. Other
> users belonging to the same user's account, shouldn't be returned.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
