Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-13190

Admin user can enable/disable action without permissions on it

    XMLWordPrintable

Details

    • Team C
    • Sprint 19, Sprint 21, Sprint 22
    • 0.25

    Description

      Steps to reproduce:
      1. Create admin user
      2. Login as admin user and create action
      3. Open dev tools (F12 - Network - Preserve log)
      4. Select action in list and choose mass enable
      5. Select actionconf.php in dev tools, copy from headers form data
      6. Paste into url and change action id. For example action id=3 (default disabled action for superadmin)
      Result: action status changed
      Expected result: error something like "No permissions to referred object"

      Thanks for report vjaceslavs

      Attachments

        Activity

          People

            gcalenko Gregory Chalenko
            natalja.zabbix Natalja Romancaka
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: