Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-14627

Deleting a tenant membership is not limited to the user or group

XMLWordPrintable

      Environment (Required on creation):

      Camunda Automation Platform 7.17.1

      Description (Required on creation; please attach any relevant screenshots, stacktraces, log files, etc. to the ticket):

      When deleting a tenant membership using IdentityService#deleteTenantUserMembership or IdentityService#deleteTenantGroupMembership all memberships for the tenant are deleted.

      Steps to reproduce (Required on creation):

      1. Enable Authorization
      2. Create two groups
      3. Create a tenant
      4. Create memberships for each tenant and group combination
      5. Delete one membership using IdentityService#deleteTenantGroupMembership

      Observed Behavior (Required on creation):

      All memberships related to the tenant are gone.

      Expected behavior (Required on creation):

      Only the membership related to the respective group/user and tenant is deleted.

      Root Cause (Required on prioritization):

      The WHERE condition in the SQL query doesn't restrict the deletion to the respective user or group.

      Solution Ideas (Optional):

      Use queries that restrict the deletion to a user or group.

      Hints (optional):

        This is the controller panel for Smart Panels app

            [CAM-14627] Deleting a tenant membership is not limited to the user or group

            There are no comments yet on this issue.

              tassilo.weidner Tassilo Weidner
              tassilo.weidner Tassilo Weidner
              Tassilo Weidner Tassilo Weidner
              Nikola Koevski Nikola Koevski
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: