Bug 1202279
| Summary: | UI throws permission denied message when providing discovery roles to a normal user | ||
|---|---|---|---|
| Product: | Red Hat Satellite | Reporter: | Sachin Ghai <sghai> |
| Component: | Discovery Plugin | Assignee: | Lukas Zapletal <lzap> |
| Status: | CLOSED ERRATA | QA Contact: | Sachin Ghai <sghai> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.1.0 | CC: | bkearney |
| Target Milestone: | Unspecified | Keywords: | Triaged |
| Target Release: | Unused | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| URL: | http://projects.theforeman.org/issues/13829 | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-07-27 11:35:25 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1193977 | ||
| Attachments: | |||
|
Description
Sachin Ghai
2015-03-16 09:47:03 UTC
Also, please note that when user login, UI auto select the "default Location" but not the default_org.. I think that's the issue why we are getting permission denied. Just to clear, when we created the user, we selected the 'Default_org" and default_location" on login, firebug raises this error: "NetworkError: 403 Forbidden - https://dhcp201-163.englab.pnq.redhat.com/hosts" If I assign "view_host" permission to same user along with "Discovery Manager" role then I don't see the permission denied error. So I think we need to add view_host permissions to "Discovery Reader" and "Discovery_Manager" roles. Moving to POST since upstream bug http://projects.theforeman.org/issues/13829 has been closed ------------- Anonymous Applied in changeset commit:foreman_discovery|ee63dc3c74e7e799de43896dc199ea0c7324aa5e. Verified with sat6.2 snap6.2 I don't see view_host permission in discovery_reader and discovery_manager role. Please see the attached screenshots. Created attachment 1144665 [details]
discovery_reader role doesn't have view_hosts permission
Created attachment 1144668 [details]
discovery_manager doesn't include view_hosts permission
The bug was not going through the cherry-picking process properly (again I assumed we will be rebasing). Please cherry pick the linked upstream code: https://github.com/theforeman/foreman_discovery/commit/ee63dc3c74e7e799de43896dc199ea0c7324aa5e Verified with sat6.2 GA snap10. I can see "view_host" permission in discovery_reader and discovery_manager role Created attachment 1154604 [details]
discovery_manager includes "view_host" permission
Created attachment 1154605 [details]
discovery_reader role includes "view_host" permission
I don't see permission denied error on login with user who has assigned either "discovery_manager" role or "discovery_reader" role. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2016:1501 |