TheHive-Project / TheHive

TheHive: a Scalable, Open Source and Free Security Incident Response Platform
https://thehive-project.org
GNU Affero General Public License v3.0

[Bug] Login issue after profile modification #2419

Closed error0x01 closed 2 years ago

error0x01 commented 2 years ago

Request Type

Bug

Work Environment

Question                  Answer
OS version (server)       RHEL based (Amazon Linux 2)
OS version (client)       4.14.281-212.502.amzn2.x86_64
Virtualized Env.          True
Dedicated RAM             16 GB
vCPU                      4
TheHive version           4.1.21-1
Package Type              RPM
Database                  Cassandra
Index type                Lucene
Attachments storage       Local

Problem Description

I had a "Full-admin" profile with all permissions in “Administration Profiles” and just the "Manage user" permission in the “Organisation Profiles”, assigned to all active admin users. I changed the profile, selecting all the permissions in the “Administration Profiles” and “Organisation Profiles”, and after the change we cannot access the admin organization with any admin user.

The user authentication for the admin users is running properly. I know this because if I use the wrong MFA code I get an error message in the browser, but if I give the right user/password/MFA code the system shows no error message in the browser and does not show the admin web page; it still shows the login web page.

Steps to Reproduce

  1. Log in as admin user in the admin organization
  2. Select "Admin" -> "Profiles"
  3. Create a profile "Full-admin" with all permissions in “Administration Profiles” and just the "Manage user" permission in the “Organisation Profiles”
  4. Create a new user new.admin.user
  5. Assign the profile "Full-admin" to new.admin.user
  6. Logout
  7. Login with the new.admin.user
  8. Assign MFA to new.admin.user
  9. Logout
  10. Login with the new.admin.user using MFA
  11. Select "Admin" -> "Profiles"
  12. Select the profile "Full-admin", assign all permissions in the “Organisation Profiles” (leave all permissions in “Administration Profiles” selected) and save the profile
  13. Logout
  14. Login with the new.admin.user using MFA

At this point, the system shows no error message in the browser but does not show the admin web page; it still shows the login web page.

Complementary information

/var/log/thehive/application.log does not expose anything about this issue.

I cannot access with the default local admin (which has a different profile) because it is blocked.

error0x01 commented 2 years ago

Sorry, not a bug.