The history displayed in katello for an organization comes directly from candlepin, which has no knowledge of katello users. This history, then, contains information from across the entire katello organization's users. While logged into katello as a user named "User1" the history displayed contains events generated by user "admin".
2012-06-22 admin consumed a subscription for product Red Hat Enterprise Linux Server, Standard (1 Virtual Machine up to 8 vCPUs) 2012-06-22 admin consumed a subscription for product Resilient Storage (8 sockets) 2012-06-22 admin created a pool for product Resilient Storage (8 sockets) 2012-06-22 admin consumed a subscription for product Red Hat Enterprise Linux Server, Standard (1 Virtual Machine up to 8 vCPUs) 2012-06-22 admin consumed a subscription for product High-Availability (8 sockets) 2012-06-22 admin created a pool for product High-Availability (8 sockets) 2012-06-22 admin created new consumer sys-TEST-v 2012-06-22 admin created new consumer sys-DEV-v
Is this a concern, or is it alright to consider that "read access" to a katello organization means visibility of all candlepin events?
On 06/28/2012 10:02 AM, Tom McKay wrote:
The history displayed in katello for an organization comes directly from candlepin, which has no knowledge of katello users. This history, then, contains information from across the entire katello organization's users. While logged into katello as a user named "User1" the history displayed contains events generated by user "admin".
2012-06-22 admin consumed a subscription for product Red Hat Enterprise Linux Server, Standard (1 Virtual Machine up to 8 vCPUs) 2012-06-22 admin consumed a subscription for product Resilient Storage (8 sockets) 2012-06-22 admin created a pool for product Resilient Storage (8 sockets) 2012-06-22 admin consumed a subscription for product Red Hat Enterprise Linux Server, Standard (1 Virtual Machine up to 8 vCPUs) 2012-06-22 admin consumed a subscription for product High-Availability (8 sockets) 2012-06-22 admin created a pool for product High-Availability (8 sockets) 2012-06-22 admin created new consumer sys-TEST-v 2012-06-22 admin created new consumer sys-DEV-v
I think it is fine. If you can read a system, you should be able to see it history.
-- bk
candlepin@lists.stg.fedorahosted.org