Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-4007

"Certification Authorities" and "Publishers" missing from admin menu with access rule /ca_functionality (recursive, accept)

    Details

    • Issue discovered during:
      Integration

      Description

      The "Certificate Authorities" and "Publishers" link are missing from the admin menu even if the administrator's role has been granted full recursive rights on the privilege "/ca_functionality".

      Reproduction steps:

      1. Issue a new EJBCA administrator certificate. We will refer to this certificate as "Test Admin".

      2. Create a new EJBCA role called "Test CA Admin" with privileges set as follows:

      • / (non-recursive, accept)
      • /administrator (non-recursive, accept)
      • /ca_functionality (recursive, accept)
      • /ca (recursive, accept)

      3. Register certificate "Test Admin" in role "Test CA Admin".

      4. Open the admin web GUI using the "Test Admin" certificate for login credentials.

      Expected results:

      1. Link "Certification Authorities" is visible in the admin menu.

      2. Link "Publishers" is visible in the admin menu.

      Actual results:

      1. Link "Certificate Authorities" is not visible in the admin menu.

      2. Link "Publishers" is not visible in the admin menu.

      Additional information:

      Accessing the "Certificate Authorities"/"Publishers" pages manually (by specifying the link to those pages directly in browser URL) will still allow the administrator to access the functionality. Therefore it's probably just invalid check for the menu.

      Doing a quick grep for /super_administrator (Mike pointed out this earlier to me) reveals that access rule "/super_administrator" is still being referenced in a number of jsp pages.

        Attachments

          Activity

            People

            Assignee:
            mikek Mike Agrenius Kushner
            Reporter:
            branko Branko Majic (Inactive)
            Verified by:
            Aveen Ismail (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: