Unexpected unauthorized to execute a job using RunAs

[urbinet]

Unexpected unauthorized to execute a job using RunAs

From dev team I receive the following information: Is expected because the RunAs is only for log and not for that you will get the permissions of the other user.

Number case: 00075297 Customer: IQVIA Rundeck: 3.4.8 rpm

The customer has two projects, A and B. In the project A has one job that calls to a second job on the project B through inline script using rd cli. The rd cli command line is the following:

rd run -f -u anotherUser -p projectB -i 1700c8fb-cfcc-40f0-b74c-d64fc088d24d

Here calling a second job from projectB executing with another user runAs on acls. Then de second job calls a third job using a reference job workflow as runAs.

The acl local on project B is the following:

The global acls are the following:

For project A is:

For project B is:

**From dev team I receive the information that the RunAs is only for log and not for that you will get the permissions of the other user ** https://docs.rundeck.com/docs/administration/security/authorization.html#project-scope-resources-and-actions

[urbinet]

Here I leave the projects Projects75297.zip .