Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Irritating error message when user tries to enroll token #1747

Closed
fredreichbier opened this issue Jul 16, 2019 · 1 comment

Comments

@fredreichbier
Copy link
Member

commented Jul 16, 2019

Steps to reproduce:

  • Define a policy with scope user, e.g. with action=enrollSPASS
  • Log in as user, navigate to Enroll Token
  • We get a red popup: "User actions are defined, but the action radiusserver_read is not allowed!"

This is because the WebUI requests GET /radiusserver/, even if the user is not allowed to enroll RADIUS tokens. As a side effect of #1495, this endpoint is not allowed for users by default anymore: We would need a policy with scope user and action radiusserver_read to allow users to retrieve the list of RADIUS servers. But we cannot create it.

@fredreichbier

This comment has been minimized.

Copy link
Member Author

commented Jul 16, 2019

With PR #1748, /radiusserver/ is only retrieved if the user actually tries to enroll a RADIUS token. However, then the user is still not able to actually enroll a RADIUS token, and I opened #1749 for this issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
1 participant
You can’t perform that action at this time.