opencloud icon indicating copy to clipboard operation
opencloud copied to clipboard
Published 3 weeks ago verified publisher icon opencloud-eu

multi-tenancy: Space admin can still list spaces from all tenants

Open rhafer opened this issue 2 months ago • 1 comments

Describe the bug

In a multi-tenant setup, any user with the role SpaceAdmin can list all space from all tenants

Steps to reproduce

  1. deploy a multi-tenant enabled OpenCloud (e.g. using https://github.com/opencloud-eu/opencloud/pull/1637)
  2. assign one user from each tenant the role SpaceAdmin using keycloak
  3. As a SpaceAdmin of the first tenant create a new Space (no need to assign any users to it)
  4. As the SpaceAdmin of the second tenant open the Admin Settings -> Spaces page.
  5. The Space created for tenant one is listed.

Expected behavior

Only Space from the same tenant are visible to a SpaceAdmin

rhafer avatar Oct 14 '25 15:10 rhafer

I'd consider this a Prio 2 issue for now as multi-tenancy is not yet a production feature.

rhafer avatar Oct 14 '25 15:10 rhafer