Skip to content

Restrict suspending orgs to admins (#5173)#5181

Merged
johha merged 2 commits into
mainfrom
issue-5173
Jun 15, 2026
Merged

Restrict suspending orgs to admins (#5173)#5181
johha merged 2 commits into
mainfrom
issue-5173

Conversation

@johha

@johha johha commented Jun 12, 2026

Copy link
Copy Markdown
Contributor

Mutating the suspended field is now admin-only on:

  • POST /v3/organizations
  • PATCH /v3/organizations/:guid
  • POST /v2/organizations (status: 'suspended')
  • PUT /v2/organizations/:guid (status: 'suspended')

Non-admins receive 403; sending the current value (no-op echo) remains allowed so GET-modify-PATCH clients are not broken. Fixes issue #5173

  • I have reviewed the contributing guide

  • I have viewed, signed, and submitted the Contributor License Agreement

  • I have made this pull request to the main branch

  • I have run all the unit tests using bundle exec rake

  • I have run CF Acceptance Tests

@johha
Restrict suspending orgs to admins (#5173)
fd03d2a 
Mutating the `suspended` field is now admin-only on:
 - POST /v3/organizations
 - PATCH /v3/organizations/:guid
 - POST /v2/organizations (status: 'suspended')
 - PUT /v2/organizations/:guid (status: 'suspended')

Non-admins receive 403; sending the current value (no-op echo) remains allowed so GET-modify-PATCH clients are not broken.
Fixes issue #5173
@johha johha marked this pull request as ready for review June 12, 2026 15:33
philippthun
philippthun reviewed Jun 15, 2026
View reviewed changes
Comment thread app/controllers/v3/organizations_controller.rb Outdated
Comment thread spec/request/organizations_spec.rb Outdated
Comment thread spec/request/organizations_spec.rb Outdated
@johha johha requested a review from philippthun June 15, 2026 12:45
@johha johha merged commit 0e8d3b7 into main Jun 15, 2026
12 checks passed
@johha johha deleted the issue-5173 branch June 15, 2026 13:24
@johha johha mentioned this pull request Jun 15, 2026
Closed
ari-wg-gitbot added a commit to cloudfoundry/capi-release that referenced this pull request Jun 15, 2026
@ari-wg-gitbot
Bump cloud_controller_ng
c6d1c1e 
Changes in cloud_controller_ng:

- Restrict suspending orgs to admins (#5173)
    PR: cloudfoundry/cloud_controller_ng#5181
    Author: Johannes Haass <johannes.haass@sap.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@philippthun philippthun philippthun approved these changes

Assignees

No one assigned

Labels

needs_review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@johha @philippthun