console icon indicating copy to clipboard operation
console copied to clipboard
verified publisher icon kubesphere

Workspace members with only the 'App Template Viewing' permission are allowed to replace Helm charts

Open patrickluoyu opened this issue 3 years ago • 2 comments

Describe the bug Workspace members with only the 'App Template Viewing' permission are allowed to replace Helm charts.

Versions used(KubeSphere/Kubernetes) KubeSphere: v3.3.0-rc.0

To Reproduce Steps to reproduce the behavior:

  1. Create a user and assign the role 'platform-regular' to the user.
  2. In a workspace, create a role 'test' and assign only the permission 'App Template Viewing' to the role.
  3. Invite the user to the workspace and assign the role 'test' to the user.
  4. Log in as the user and go to the app template details page. The user is allowed to click 'Upload' and change the Helm chart of an app version.
image

Expected behavior Workspace members with only the 'App Template Viewing' permission should not be allowed to replace Helm charts.

/assign @harrisonliu5 @wansir

patrickluoyu avatar Jun 06 '22 08:06 patrickluoyu

/priority medium

wansir avatar Jun 07 '22 02:06 wansir

/assign

weili520 avatar Jul 15 '22 09:07 weili520

issue fixed in ks v3.3.1-rc.0

wenxinll avatar Aug 18 '22 08:08 wenxinll