Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Admin Settings Available to all Users When Plugin Enabled #47

Closed
TonyWarner opened this issue Jan 28, 2021 · 2 comments
Closed

Admin Settings Available to all Users When Plugin Enabled #47

TonyWarner opened this issue Jan 28, 2021 · 2 comments

Comments

@TonyWarner
Copy link

I'm using this plugin to authenticate into Redmine via Keycloack, but once enabled I'm seeing that non-admin users are able to access the /admin page by appending /admin to the hostname. Once on that page, they have read access to a majority of and both read and write access to several, of the admin settings. Pages, where they have read and write access, include, "Users" and all plugins.

I tested this with several different settings changes in both the plugin and within Keycloak and it has not alleviated the issue.

Has anyone else had this same issue?

Application: Docker Bitnami/Redmine 4.1.1 and Docker Redmine 4.1.1
Plugin Version: 0.9.4
IDP: Keycloak
@corybolar
Copy link
Contributor

This should be fixed with #48

@triplem triplem closed this as completed Feb 24, 2021
@triplem
Copy link
Contributor

triplem commented Feb 24, 2021

Closing, since #48 is already merged.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@triplem @corybolar @TonyWarner