-
Bug Report
-
Resolution: Fixed
-
L3 - Default
-
None
-
None
Steps to reproduce:
- There is a non-admin user with access rights for Cockpit
- A valid license key is in the database
- The server is freshly started (i.e. no admin user has previously logged on)
- The non-admin user logs into the EE Cockpit
Expected behavior:
- The user can work with Cockpit and access any EE plugins
Current behavior:
- The user cannot access EE plugins
Root cause:
- Accessing EE plugins triggers a license check
- The license check result is usually cached, but after a fresh start the cached value is empty
- The license checker accesses the database to see if a valid license is present
- This access requires admin privileges and therefore fails with an AuthorizationException
- This was accidentally introduced with https://github.com/camunda/camunda-bpm-platform-ee/commit/3701c152f674acf7f8b6bd74f64c86d1f5d7f0a4 where code that cleared the user authentication (thereby disabling authorization checks) was removed where the license key is read
This is the controller panel for Smart Panels app
[CAM-11914] EE resources are not initially accessible for a non-admin user
| Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
| Description |
Original:
Steps to reproduce:
* There is a non-admin user with access rights for Cockpit * A valid license key is in the database * The server is freshly started (i.e. no admin user has previously logged on) * The non-admin user logs into the EE Cockpit Expected behavior: * The user can work with Cockpit and access any EE plugins Current behavior: * The user cannot access EE plugins Root cause: * Accessing EE plugins triggers a license check * The license check result is usually cached, but after a fresh start the cached value is empty * The license checker accesses the database to see if a valid license is present * This access requires admin privileges and therefore fails with an AuthorizationException * This was accidentally introduced with https://github.com/camunda/camunda-bpm-platform-ee/commit/3701c152f674acf7f8b6bd74f64c86d1f5d7f0a4 |
New:
Steps to reproduce:
* There is a non-admin user with access rights for Cockpit * A valid license key is in the database * The server is freshly started (i.e. no admin user has previously logged on) * The non-admin user logs into the EE Cockpit Expected behavior: * The user can work with Cockpit and access any EE plugins Current behavior: * The user cannot access EE plugins Root cause: * Accessing EE plugins triggers a license check * The license check result is usually cached, but after a fresh start the cached value is empty * The license checker accesses the database to see if a valid license is present * This access requires admin privileges and therefore fails with an AuthorizationException * This was accidentally introduced with https://github.com/camunda/camunda-bpm-platform-ee/commit/3701c152f674acf7f8b6bd74f64c86d1f5d7f0a4 where code that cleared the user authentication (thereby disabling authorization checks) was removed where the license key is read |
| Mentioned Roles |
| Mentioned Groups |
| Mentioned Roles |
| Mentioned Groups |
| Assignee | Original: Thorben Lindhauer [ thorben.lindhauer ] | New: Tassilo Weidner [ tassilo.weidner ] |
| Resolution | New: Fixed [ 1 ] | |
| Status | Original: In Progress [ 3 ] | New: Resolved [ 5 ] |
| Remaining Estimate | New: 0 minutes [ 0 ] | |
| Original Estimate | New: 0 minutes [ 0 ] |
| Mentioned Roles |
| Mentioned Groups |
| Status | Original: Resolved [ 5 ] | New: In Test [ 10004 ] |