Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-12069

Non amadmin admin user can't edit Policy Sets / Policies

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 14.5.1, 6.0.0
    • Fix Version/s: 6.0.0, 5.5.2
    • Component/s: None
    • Labels:
    • Target Version/s:
    • Sprint:
      Sprint 2017.15 Curie, Sprint 2017.16 Newton
    • Needs backport:
      No
    • Support Ticket IDs:
    • Needs QA verification:
      No
    • Functional tests:
      Yes
    • Are the reproduction steps defined?:
      Yes and I used the same an in the description

      Description

      Bug description

      A non-amadmin "admin user" can not edit Policy Sets / Policies ... get's 403 Forbidden error.  This was working in AM 14.0 / 14.1

      How to reproduce the issue

      Details steps outlining how to recreate the issue (remove this text)

      1. Create a privilege with all capabilities
      2. Create a new user and add the group related to the privilege
      3. Log into /openam/console as new "admin user"
      4. Try to edit Policy Set
      Expected behaviour
      Should be able to edit / create policy sets and policies
      
      Current behaviour
      Getting 403 Forbidden error
      

      Work around

      Login as "amadmin" to perform Policy Sets / Policies

       

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                tom.elliott Tom Elliott [X] (Inactive)
                Reporter:
                sfehrman Scott Fehrman
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: