Project

General

Profile

Bug #47356

Feature #47765: mgr/dashboard: security improvements

mgr/dashboard: some nfs-ganesha endpoints are not in correct security scope

Added by Kiefer Chang over 2 years ago. Updated almost 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Kiefer Chang
Category:
Component - NFS
Target version:
Ceph - v16.0.0
% Done:

0%

Source:
Tags:
Backport:
octopus,nautilus
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
Ceph - v14.2.9, Ceph - v15.2.5, Ceph - v16.0.0
ceph-qa-suite:
Pull request ID:
37041
Crash signature (v1):
Crash signature (v2):
Tags:
usability, low-hanging-fruit, management, configuration, security, administration, documentation, installation

Description

The endpoints in the /ui-api/ganesha-nfs and /api/ganesha-nfs/daemons paths need to be scoped.

Related issues

Copied to Dashboard - Backport #47620: nautilus: mgr/dashboard: some nfs-ganesha endpoints are not in correct security scope Resolved
Copied to Dashboard - Backport #47621: octopus: mgr/dashboard: some nfs-ganesha endpoints are not in correct security scope Resolved

History

#1 Updated by Kiefer Chang over 2 years ago

  • Status changed from New to Fix Under Review
  • Pull request ID set to 37041

#2 Updated by Kiefer Chang over 2 years ago

  • Subject changed from mgr/dashboard: UI API of nfs-ganesha is not in any security scope to mgr/dashboard: some nfs-ganesha endpoints are not in correct security scope
  • Status changed from Fix Under Review to In Progress

#3 Updated by Kiefer Chang over 2 years ago

  • Description updated (diff)

#4 Updated by Kiefer Chang over 2 years ago

  • Description updated (diff)

#5 Updated by Kiefer Chang over 2 years ago

  • Status changed from In Progress to Fix Under Review

#6 Updated by Lenz Grimmer over 2 years ago

  • Tags set to security
  • Status changed from Fix Under Review to Pending Backport
  • Target version set to v16.0.0

#7 Updated by Lenz Grimmer over 2 years ago

  • Description updated (diff)

#8 Updated by Nathan Cutler over 2 years ago

  • Copied to Backport #47620: nautilus: mgr/dashboard: some nfs-ganesha endpoints are not in correct security scope added

#9 Updated by Nathan Cutler over 2 years ago

  • Copied to Backport #47621: octopus: mgr/dashboard: some nfs-ganesha endpoints are not in correct security scope added

#10 Updated by Ernesto Puerta over 2 years ago

  • Parent task set to #47765

#11 Updated by Nathan Cutler about 2 years ago

  • Status changed from Pending Backport to Resolved

While running with --resolve-parent, the script "backport-create-issue" noticed that all backports of this issue are in status "Resolved" or "Rejected".

#12 Updated by Ernesto Puerta almost 2 years ago

  • Project changed from mgr to Dashboard
  • Category changed from 144 to Component - NFS

Also available in: Atom PDF