[checkmk-commits] [Checkmk/checkmk] ab3af7: 15890 FIX user: read permissions are now checked i...

Branch: refs/heads/2.2.0 Home: https://github.com/Checkmk/checkmk Commit: ab3af7d6333787a1c9b3f7db825b2a68a77563d3 https://github.com/Checkmk/checkmk/commit/ab3af7d6333787a1c9b3f7db825b2a68a… Author: Gav <gavin.mcguigan(a)checkmk.com> Date: 2023-06-26 (Mon, 26 Jun 2023) Changed paths: A .werks/15890 M cmk/gui/fields/__init__.py M cmk/gui/fields/definitions.py M cmk/gui/plugins/openapi/endpoints/site_management/__init__.py M cmk/gui/plugins/openapi/endpoints/user_config/__init__.py M cmk/gui/plugins/openapi/restful_objects/decorators.py M cmk/gui/plugins/openapi/utils.py M tests/testlib/rest_api_client.py M tests/unit/cmk/gui/plugins/openapi/test_openapi_user.py Log Message: ----------- 15890 FIX user: read permissions are now checked in the request schema before delete/edit/create user When calling either of the following endpoints, a 401 will be returned if the user doesn't have read access for users. POST /domain-types/user_config/collections/all PUT /objects/user_config/{username} DELETE /objects/user_config/{username} The site management endpoint 'site_login' is also affected by this change, since a valid existing user is required to login. CMK-13156 Change-Id: Ic993305594d9e174c3d203fdb6970863508ba281