Piotr Kliczewski has submitted this change and it was merged. Change subject: mla: deny access to specific ID for users in user level API ...................................................................... mla: deny access to specific ID for users in user level API User who don't have manipulate_permission action group should not see users in system, even he shouldn't access them directly by their ID's. Change-Id: I90ec94fd0194680548e159f5d9bc010f5c233b91 Bug-Url: https://bugzilla.redhat.com/1160443 Signed-off-by: Ondra Machacek <machacek.ondra(a)gmail.com&gt; --- M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDbUserByUserIdQuery.java M backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/DbUserDAO.java M backend/manager/modules/dal/src/main/java/org/ovirt/engine/core/dao/DbUserDAODbFacadeImpl.java M packaging/dbscripts/user_sp.sql 4 files changed, 21 insertions(+), 4 deletions(-) Approvals: Alon Bar-Lev: Looks good to me, but someone else must approve Ondřej Macháček: Verified Eli Mesika: Looks good to me, but someone else must approve Yair Zaslavsky: Looks good to me, approved -- To view, visit http://gerrit.ovirt.org/35301 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: I90ec94fd0194680548e159f5d9bc010f5c233b91 Gerrit-PatchSet: 4 Gerrit-Project: ovirt-engine Gerrit-Branch: ovirt-engine-3.5 Gerrit-Owner: Alon Bar-Lev <alonbl(a)redhat.com&gt; Gerrit-Reviewer: Alon Bar-Lev <alonbl(a)redhat.com&gt; Gerrit-Reviewer: Eli Mesika <emesika(a)redhat.com&gt; Gerrit-Reviewer: Ondřej Macháček <machacek.ondra(a)gmail.com&gt; Gerrit-Reviewer: Oved Ourfali <oourfali(a)redhat.com&gt; Gerrit-Reviewer: Piotr Kliczewski <piotr.kliczewski(a)gmail.com&gt; Gerrit-Reviewer: Tal Nisan <tnisan(a)redhat.com&gt; Gerrit-Reviewer: Yair Zaslavsky <yzaslavs(a)redhat.com&gt; Gerrit-Reviewer: automation(a)ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server