-
Type:
Problem report
-
Resolution: Duplicate
-
Priority:
Trivial
-
None
-
Affects Version/s: 8.0.0alpha2 (master)
-
Component/s: None
-
None
Summary
By introducing ZBXNEXT-10334 there is a need to improve users configuration screen in Zabbix as API might be enabled, but there will be no access due to empty allow list.
Steps to reproduce:
- Create user role with enabled "Allow API" but with no API methods in allow/deny lists.
- Navigate to user configuration screen
- Observe Access to API is enabled, but there is no info about API methods being allowed/denied.
Result:
Expected:
Add "Denied methods" None or "Allowed methods" None when Access to API is enabled with empty Allow/Deny lists.
- duplicates
-
ZBXNEXT-10334 Users with an empty API Allow list can execute some API actions
-
- Manual Test Failed
-