Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-7480

When creating an EndEntity in RA Web and delete_end_entity accessrule is disabled, the process ends incorrectly with success but end entity is not created

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: EJBCA 7.0.0
    • Fix Version/s: EJBCA 7.0.0
    • Component/s: None
    • Labels:
      None
    • Issue discovered during:
      Testing
    • Sprint:
      EJBCA Team Alice - 2018 w48

      Description

      Discovered while exploratory testing ECA-7256

      Observed result:

      success message "End entity with username 'user1' has been added successfully"

      and log entry:

      [org.ejbca.core.model.era.RaMasterApiSessionBean] (default task-80) Missing */delete_end_entity rights for user 'CN=anything,O=EE' to be able to add an end entity (Delete is only needed for clean-up if something goes wrong after an end-entity has been added)

      Expected result:

      failure message on RA Web enrollmakenewrequest page.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              hsunmark Henrik Sunmark
              Reporter:
              tarmo_helmes Tarmo Raudsep (Inactive)
              Verified by:
              Tarmo Raudsep (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 5 hours
                  5h
                  Remaining:
                  Time Spent - 1 hour Remaining Estimate - 4 hours
                  4h
                  Logged:
                  Time Spent - 1 hour Remaining Estimate - 4 hours
                  1h