Check_MK Werk 8021: hostgroups servicegroups: fixed host / service visible when using group_authorization AUTH_STRICT

ID: 8021 Title: hostgroups servicegroups: fixed host / service visible when using group_authorization AUTH_STRICT Component: Livestatus Level: 1 Class: Bug fix Version: 1.2.5i5 This only applies with the setting group_authorization = AUTH_STRICT. When an auth user was given the livestatus tables hostgroups and servicegroups did not check if the auth user had permissions to all objects of the group. As a result the user was able to view host- and servicegroups, even if he was not a contact for every object in it. However, the "forbidden" object itself was not returned, just a subset of the group. This was incorrect. The user needs to be contact of every element in this group. Otherwise he should not see the group at all..