Bug 1111070

Summary: Removing a published version from selected environment raises "You are not authorized to perform this action."
Product: Red Hat Satellite Reporter: Tazim Kolhar <tkolhar>
Component: WebUIAssignee: Katello Bug Bin <katello-bugs>
WebUI sub component: Katello QA Contact: Tazim Kolhar <tkolhar>
Status: CLOSED DUPLICATE Docs Contact:
Severity: unspecified    
Priority: unspecified CC: bbuckingham, cwelton, sghai
Version: 6.0.2Keywords: Regression
Target Milestone: Unspecified   
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-19 14:09:20 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Delete environment from Version none

Description Tazim Kolhar 2014-06-19 08:07:34 UTC 
Created attachment 910282 [details]
Delete environment from Version

Description of problem:
Deleting Lifecycle Environments from Version is UI fails

Version-Release number of selected component (if applicable):


How reproducible:
everytime

Steps to Reproduce:
1.Go to Content -> Content View
2.Select Content View
3.Select Remove Version
4.Select Lifecycle Environment only to delete
5.Click Next . Click Confirm

Actual results:
The deletion fails with a message
 You are not authorized to perform this action. 

Expected results:
The environments are removed from Version

Additional info:
Screen Shot attached
Comment 1 RHEL Program Management 2014-06-19 08:34:41 UTC 
Since this issue was entered in Red Hat Bugzilla, the release flag has been
set to ? to ensure that it is properly evaluated for this release.
Comment 3 Sachin Ghai 2014-06-19 09:17:14 UTC 
I tried to remove a published cv version from selected env via admin user and got following message on UI:

"You are not authorized to perform this action."

Admin user is a superuser and superuser should be able to perform this action.


logs from Production.log 

Processing by Katello::Api::V2::ContentViewsController#remove as JSON
  Parameters: {"id"=>"2", "environment_ids"=>[3], "organization_id"=>"1", "api_version"=>"v2", "content_view"=>{"id"=>"2"}}
  Rendered api/v2/errors/access_denied.json.rabl (2.5ms)
Filter chain halted as :authorize_remove rendered or redirected
Completed 403 Forbidden in 79ms (Views: 44.7ms | ActiveRecord: 3.3ms)
Comment 4 Brad Buckingham 2014-06-19 14:09:20 UTC 

*** This bug has been marked as a duplicate of bug 1109386 ***