Do not update roles in the CSE edition

If the role is not in shown on the page than `get_security_userattrs` cannot find any set roles in the POST request and stores 0 roles, removing any rights from the user. The POST request is send when you change the set the password of an automation user and save. In the CSE we deactivated the option to change automation user roles by choice. A common error of users is to misconfigure the default automation users. That would lead to broken sites. Change-Id: I2ee6b8fba701b2346d4ba07951087acf353e809e
Checkmk · Nov 17, 2023 · 3bd9c19 · 3bd9c19
1 parent 5a1f050
commit 3bd9c19
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/cmk/gui/wato/pages/users.py b/cmk/gui/wato/pages/users.py
@@ -899,9 +899,10 @@ def _get_security_userattrs(self, user_attrs: UserSpec) -> None:
             user_attrs["serial"] = user_attrs.get("serial", 0) + 1
 
         # Roles
-        user_attrs["roles"] = [
-            role for role in self._roles.keys() if html.get_checkbox("role_" + role)
-        ]
+        if edition() != Edition.CSE:
+            user_attrs["roles"] = [
+                role for role in self._roles.keys() if html.get_checkbox("role_" + role)
+            ]
 
     def page(self) -> None:  # pylint: disable=too-many-branches
         # Let exceptions from loading notification scripts happen now