Bug ID 751196: Administrator users cannot modify user groups of which they are a member

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IQ Platform(all modules)

Known Affected Versions:
6.0.1, 6.0.1.1, 6.0.1.2

Fixed In:
7.0.0

Opened: Nov 28, 2018
Severity: 3-Major

Symptoms

When saving changes to a user group you are a part of, the save operation fails with a message: PUT to /mgmt/cm/system/authn/providers/radius/[some_uuid]/user-groups/[some_other_uuid] is unauthorized.

Impact

Edits to the user group fail, making the user group almost uneditable.

Conditions

-- Active user is configured with the Administrators Role. -- That user is in a user group. -- That user then attempts to edit the user group.

Workaround

The user group can be edited by logging in as a different administrator user who is not in the user group. This may or may not be feasible for third-party authentication users, but should be available for the default local admin, 'admin.'

Fix Information

All Administrator users can now edit all user groups, even if they are a member of the user group being edited.

Behavior Change