Bug 1201606

Summary: Can not delete product with correct permissions
Product: Red Hat Satellite Reporter: Chris Roberts <chrobert>
Component: Users & RolesAssignee: Tom McKay <tomckay>
Status: CLOSED ERRATA QA Contact: Tazim Kolhar <tkolhar>
Severity: high Docs Contact:
Priority: high    
Version: NightlyCC: cwelton, jmontleo, tkolhar, tomckay
Target Milestone: Unspecified   
Target Release: Unused   
Hardware: x86_64   
OS: Linux   
URL: http://projects.theforeman.org/issues/9739
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-08-12 05:30:03 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Chris Roberts 2015-03-13 03:25:18 UTC
Description of problem:

When making a role and filter with the following permissions:
Product and Repositories
sync_products, destroy_products, edit_products, create_products, view_products


Version-Release number of selected component (if applicable):


Installed Packages

    candlepin-0.9.23.1-1.el7.noarch
    candlepin-common-1.0.1-1.el7.noarch
    candlepin-guice-3.0-2_redhat_1.el7.noarch
    candlepin-scl-1-5.el7.noarch
    candlepin-scl-quartz-2.1.5-6.el7.noarch
    candlepin-scl-rhino-1.7R3-3.el7.noarch
    candlepin-scl-runtime-1-5.el7.noarch
    candlepin-selinux-0.9.23.1-1.el7.noarch
    candlepin-tomcat-0.9.23.1-1.el7.noarch
    elasticsearch-0.90.10-6.el7sat.noarch
    katello-1.5.0-30.el7sat.noarch
    katello-certs-tools-1.5.6-1.el7sat.noarch
    katello-default-ca-1.0-1.noarch
    katello-installer-0.0.67-1.el7sat.noarch
    katello-server-ca-1.0-1.noarch
    pulp-admin-client-2.4.4-1.el7sat.noarch
    pulp-katello-0.3-4.el7sat.noarch
    pulp-nodes-common-2.4.4-1.el7sat.noarch
    pulp-nodes-parent-2.4.4-1.el7sat.noarch
    pulp-puppet-plugins-2.4.4-1.el7sat.noarch
    pulp-puppet-tools-2.4.4-1.el7sat.noarch
    pulp-rpm-admin-extensions-2.4.4-1.1.el7sat.noarch
    pulp-rpm-plugins-2.4.4-1.1.el7sat.noarch
    pulp-selinux-2.4.4-1.el7sat.noarch
    pulp-server-2.4.4-1.el7sat.noarch
    python-gofer-qpid-1.3.0-1.el7sat.noarch
    python-isodate-0.5.0-1.pulp.el7sat.noarch
    python-kombu-3.0.15-12.pulp.el7sat.noarch
    python-pulp-bindings-2.4.4-1.el7sat.noarch
    python-pulp-client-lib-2.4.4-1.el7sat.noarch
    python-pulp-common-2.4.4-1.el7sat.noarch
    python-pulp-puppet-common-2.4.4-1.el7sat.noarch
    python-pulp-rpm-common-2.4.4-1.1.el7sat.noarch
    python-qpid-0.22-15.el7.noarch
    python-qpid-qmf-0.22-37.el7.x86_64
    qpid-cpp-client-0.22-42.el7.x86_64
    qpid-cpp-server-0.22-42.el7.x86_64
    qpid-cpp-server-linearstore-0.22-42.el7.x86_64
    qpid-java-client-0.22-7.el7.noarch
    qpid-java-common-0.22-7.el7.noarch
    qpid-proton-c-0.7-2.el7.x86_64
    qpid-qmf-0.22-37.el7.x86_64
    qpid-tools-0.22-13.el7.noarch
    ruby193-rubygem-katello-1.5.0-93.el7sat.noarch
    rubygem-hammer_cli_katello-0.0.4-14.el7sat.noarch
    rubygem-smart_proxy_pulp-1.0.1-1.1.el7sat.noarch
    satellite1.released-el7.satellite.lab.eng.rdu2.redhat.com-qpid-broker-1.0-1.noarch
    satellite1.released-el7.satellite.lab.eng.rdu2.redhat.com-qpid-client-cert-1.0-1.noarch




How reproducible:


Steps to Reproduce:
1. create role named test
2. create a new filter with the resource Product and Repositories
3. assign sync_products, destroy_products, edit_products, create_products, view_products
4. give role to user
5. user logs in and can not delete 3rd party products/repos or Red Hat products/repos

Actual results:
Only option present is a sync option

Expected results:
Repos and products can be deleted based on the permissions given

Additional info:

Comment 1 RHEL Program Management 2015-03-13 03:43:19 UTC
Since this issue was entered in Red Hat Bugzilla, the release flag has been
set to ? to ensure that it is properly evaluated for this release.

Comment 3 Tom McKay 2015-03-13 11:14:16 UTC
Connecting redmine issue http://projects.theforeman.org/issues/9739 from this bug

Comment 4 Bryan Kearney 2015-03-16 18:05:42 UTC
Moving to POST since upstream bug http://projects.theforeman.org/issues/9739 has been closed
-------------
Thomas McKay
Applied in changeset commit:katello|be66aa5573da166709a8c63ead9b0e2a097c0150.

Comment 7 Tazim Kolhar 2015-03-25 10:30:21 UTC
VERIFIED :

# rpm -qa | grep foreman
foreman-debug-1.7.2.13-1.el7sat.noarch
ruby193-rubygem-foreman_hooks-0.3.7-2.el7sat.noarch
rubygem-hammer_cli_foreman-0.1.4.6-1.el7sat.noarch
foreman-ovirt-1.7.2.13-1.el7sat.noarch
foreman-proxy-1.7.2.4-1.el7sat.noarch
dhcp201-150.englab.pnq.redhat.com-foreman-client-1.0-1.noarch
dhcp201-150.englab.pnq.redhat.com-foreman-proxy-1.0-2.noarch
rubygem-hammer_cli_foreman_discovery-0.0.1.3-1.el7sat.noarch
foreman-compute-1.7.2.13-1.el7sat.noarch
foreman-libvirt-1.7.2.13-1.el7sat.noarch
ruby193-rubygem-foreman_docker-1.2.0.6-1.el7sat.noarch
ruby193-rubygem-foreman-redhat_access-0.0.9-1.el7sat.noarch
foreman-selinux-1.7.2.8-1.el7sat.noarch
dhcp201-150.englab.pnq.redhat.com-foreman-proxy-client-1.0-1.noarch
foreman-discovery-image-2.1.0-9.el7sat.noarch
rubygem-hammer_cli_foreman_bootdisk-0.1.2.5-1.el7sat.noarch
foreman-vmware-1.7.2.13-1.el7sat.noarch
ruby193-rubygem-foreman-tasks-0.6.12.3-1.el7sat.noarch
ruby193-rubygem-foreman_gutterball-0.0.1.9-1.el7sat.noarch
ruby193-rubygem-foreman_bootdisk-4.0.2.9-1.el7sat.noarch
foreman-gce-1.7.2.13-1.el7sat.noarch
foreman-1.7.2.13-1.el7sat.noarch
ruby193-rubygem-foreman_discovery-2.0.0.8-1.el7sat.noarch
foreman-postgresql-1.7.2.13-1.el7sat.noarch
rubygem-hammer_cli_foreman_tasks-0.0.3.3-1.el7sat.noarch


repos and products can be deleted

Comment 8 Bryan Kearney 2015-08-11 13:36:26 UTC
This bug is slated to be released with Satellite 6.1.

Comment 9 errata-xmlrpc 2015-08-12 05:30:03 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2015:1592