Bug 1214296

Summary: access permissions to "utilization" data not granted unless "everything" is selected for a role
Product: Red Hat CloudForms Management Engine Reporter: Felix Dewaleyne <fdewaley>
Component: UI - OPSAssignee: Harpreet Kataria <hkataria>
Status: CLOSED DUPLICATE QA Contact: Dave Johnson <dajohnso>
Severity: high Docs Contact:
Priority: high    
Version: 5.3.0CC: fdewaley, hkataria, jhardy, mpovolny, obarenbo
Target Milestone: GA   
Target Release: 5.4.0   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-04-22 21:43:04 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Felix Dewaleyne 2015-04-22 11:24:53 UTC 
Description of problem:
Users with full access to infrastructure and/or services  and optimization > utlization are unable to access the "utlization" pages with a permission error on xxx/perf_chart_chooser  where xxx was seen to be replaced by vm_infra or vm_or_template. Short of selecting "everything" itself in the role's permissions the access is not granted.

Version-Release number of selected component (if applicable):
5.3.3.2

How reproducible:
all the time

Steps to Reproduce:
1. create a new role cloned from vm_user or entirely a new role
2. associate a user to that role through a group
3. make sure to give the user access to services or infrastructure/virtual_machines and optimize / utlization or all of optimize
4. go to services/workload or infrastructure/virtual machines
5. click on a machine / workload
6. click on "monitoring / utilization"

Actual results:
a permission error is displayed stating that permission to [vm_infra/perf_chart_chooser] is not granted to the user - there are variants of the error depending on the page but the perf_chart_chooser part never changes.

Expected results:
able to see the utilization data

Additional info:
this happens even if selecting every sub-option (not clicking on "everything" itself) - the only way to grant permissions is to select "everything" when configuring the role ; I highly suspect this happens for "cloud" sections as well (didn't test, no instance available).
the default role "administrator" does not give access either. only super admin.