A user with the ALL_RESOURCES ACL can search for and reveal the existence of tenants even when they are not assigned to them.
Steps To Reproduce
Create a Principal within an lhCluster that has the ACL_ALL_RESOURCES ACL permission scoped to a specific tenant (example: test).
Create another tenant within the same lhCluster that the new Principal does not have access to.
Run a SearchTenant request as the Principal defined in Step 1.
BUG: Server returns both tenants, including the one the Principal is assigned to AND the one the Principal is not assigned to
Expected Behavior
A non-admin user with the ALL_RESOURCES permission that runs a SearchTenant request should only receive a list of the tenants they are assigned to. This is to protect the privacy of other tenants within the same cluster.
Context
A user with the
ALL_RESOURCESACL can search for and reveal the existence of tenants even when they are not assigned to them.Steps To Reproduce
lhClusterthat has theACL_ALL_RESOURCESACL permission scoped to a specific tenant (example: test).lhClusterthat the new Principal does not have access to.SearchTenantrequest as the Principal defined in Step 1.Expected Behavior
A non-admin user with the
ALL_RESOURCESpermission that runs a SearchTenant request should only receive a list of the tenants they are assigned to. This is to protect the privacy of other tenants within the same cluster.Screenshots
No response
Additional Context
No response
Components
Server