ACL to hide job hidden options
42 views
Skip to first unread message
mezam
Jan 15, 2023, 5:13:03 AM1/15/23
to rundeck-discuss
Hello,
I don't find the ACL syntax to hide those options that were configured to be hidden. When a user fills all mandatory options and run the job, the interface shows a summary of all available options, including the ones that were configured as hidden. So users can see variables, file paths, file names that should not be viewable. They also show up in the job activity. For the same reason also the option to download the job definition should be unavailable. This is the ACL I have at present. If I remove read the job is not visible entirely:
---
description: Jobbers, Projects access.
context:
project: 'xxx-Tasks'
for:
resource:
- allow: read
adhoc:
- allow: [read,run,kill]
job:
- allow: [read,run,kill]
node:
- allow: [read,refresh,run]
by:
group: GG-xxxx
---
description: Jobbers access to rundeck.
context:
application: 'rundeck'
for:
resource:
- allow: read
project:
- allow: read
project_acl:
- allow: read
storage:
- allow: read
by:
group: GG-xxxx
description: Jobbers, Projects access.
context:
project: 'xxx-Tasks'
for:
resource:
- allow: read
adhoc:
- allow: [read,run,kill]
job:
- allow: [read,run,kill]
node:
- allow: [read,refresh,run]
by:
group: GG-xxxx
---
description: Jobbers access to rundeck.
context:
application: 'rundeck'
for:
resource:
- allow: read
project:
- allow: read
project_acl:
- allow: read
storage:
- allow: read
by:
group: GG-xxxx
mezam
Jan 16, 2023, 10:09:32 AM1/16/23
to rundeck-discuss
Hi Reiner,
yes, I do. I'll open a new issue, many thanks
Reply all
Reply to author
Forward
0 new messages