You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
manager is able to assign super admin permissions through permission groups
👟 Reproduction steps
1.Create a permission group (for example:newgrp) having superadmin permission using the superadmin access.
2. Now give permission to a user as manager in devtron apps of a particular project.
3. Now SSO login using that user.
4. Now assign that already existing permission group(newgrp) to any non-superadmin user, now that non-superadmin user will have the access capabilities of superadmin.
👍 Expected behavior
Not able to make superadmin
👎 Actual Behavior
Able to make superadmin
☸ Kubernetes version
.
Cloud provider
.
🌍 Browser
Chrome
🧱 Your Environment
No response
✅ Proposed Solution
.
👀 Have you spent some time to check if this issue has been raised before?
📜 Description
manager is able to assign super admin permissions through permission groups
👟 Reproduction steps
1.Create a permission group (for example:newgrp) having superadmin permission using the superadmin access.
2. Now give permission to a user as manager in devtron apps of a particular project.
3. Now SSO login using that user.
4. Now assign that already existing permission group(newgrp) to any non-superadmin user, now that non-superadmin user will have the access capabilities of superadmin.
👍 Expected behavior
Not able to make superadmin
👎 Actual Behavior
Able to make superadmin
☸ Kubernetes version
.
Cloud provider
🌍 Browser
Chrome
🧱 Your Environment
No response
✅ Proposed Solution
.
👀 Have you spent some time to check if this issue has been raised before?
🏢 Have you read the Code of Conduct?
AB#9637
The text was updated successfully, but these errors were encountered: