Normal users without admin rights can still create apps, gateways #7093

Closed
3 of 6 tasks
kewe1 opened this issue May 21, 2024 · 2 comments
Labels
needs/triage We still need to triage this

Comments


kewe1 commented May 21, 2024

Summary

On my private TTS environment iothink-solutions.eu1.cloud.thethings.industries, I need to invite some users with limited access and rights that correspond to their organization.

For some reason, despite the user being set as a non-admin and having those options checked, the user can still create his own applications and gateways:

Steps to Reproduce

1. Invite a new user in user management as approved without admin rights
2. Create an organization with roles limiting the user to only see and interact on his organization app
3. Connect as this new user
4. The new user can create a new application outside his organization

Current Result

The user shouldn't be authorized to create apps and gateways outside his organization without admin rights

Expected Result

The user can only interact with his application from his organization. Since he is not an admin, he cannot create an app or gateway outside of his organization's possible rights.

Relevant Logs

No response

URL

iothink-solutions.eu1.cloud.thethings.industries

Deployment

The Things Stack Cloud

The Things Stack Version

No response

Client Name and Version

No response

Other Information

No response

Proposed Fix

No response

Contributing

  • I can help by doing more research.
  • I can help by implementing a fix after the proposal above is approved.
  • I can help by testing the fix before it's released.

@kewe1 kewe1 added the needs/triage We still need to triage this label May 21, 2024
@nicholaspcr
Contributor

Hello @kewe1, this happens because the tenant configuration is cached.
The changes have an effect after 10 minutes, so after this time window the non-admin users should not be able to create the referenced entities.

Let me know if this is not the case.

Author

kewe1 commented May 27, 2024

Hello @nicholaspcr,

Indeed, when I tested, it was within that 10-minute frame. I can confirm that I cannot create applications now as a normal user.
Good to know and sorry for creating an issue that was just a cache configuration timing!

Thanks!

@kewe1 kewe1 closed this as completed May 27, 2024