Bug 1247715

Summary: User 'production' is not authorized to access 'Provider' record id '10' on accessing Satellite provider when Quota is assigned
Product: Red Hat CloudForms Management Engine Reporter: Aziza Karol <akarol>
Component: UI - OPSAssignee: Aparna Karve <akarve>
Status: CLOSED ERRATA QA Contact: Aziza Karol <akarol>
Severity: medium Docs Contact:
Priority: medium    
Version: 5.4.0CC: cpelland, hkataria, jhardy, jprause, mfeifer, mpovolny, obarenbo
Target Milestone: GAKeywords: ZStream
Target Release: 5.5.2   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 5.5.2.1 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1290837 (view as bug list) Environment:
Last Closed: 2016-02-10 15:20:02 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1290837    
Attachments:
Description Flags
snpshot none

Description Aziza Karol 2015-07-28 16:02:11 UTC
Created attachment 1057060 [details]
snpshot

Description of problem:


Version-Release number of selected component (if applicable):
5.4.1

How reproducible:
100%

Steps to Reproduce:
1. Add satellite provider 
2.create a new group with role "EvmRole-administrator" and and set tag "Quota-max memory" to 2GB
3.create a new user base on above group
4.login with the above user and navigate to infrastructure-> configuration management and click on the satellite provider in accordion

Actual results:
User 'production' is not authorized to access 'Provider' record id '10'. see attached screenshot

Expected results:
should be accessible

Additional info:

Comment 3 CFME Bot 2015-12-03 15:55:22 UTC
New commit detected on ManageIQ/manageiq/master:
https://github.com/ManageIQ/manageiq/commit/6e64846f7f1fa689518687bc52bfe9f64ce43f72

commit 6e64846f7f1fa689518687bc52bfe9f64ce43f72
Author:     Aparna Karve <akarve>
AuthorDate: Wed Nov 25 14:49:27 2015 -0800
Commit:     Aparna Karve <akarve>
CommitDate: Thu Dec 3 10:43:13 2015 +0100

    Apply RBAC filtering to the foreman tree objects
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1247715

 app/controllers/application_controller.rb          | 25 +++++------
 app/controllers/provider_foreman_controller.rb     | 49 ++++++++++++++--------
 app/models/configuration_profile.rb                |  2 +-
 .../manageiq/providers/configuration_manager.rb    |  4 +-
 .../configuration_manager/configuration_profile.rb |  4 ++
 .../configuration_manager/configured_system.rb     |  4 ++
 app/models/rbac.rb                                 | 13 +++---
 app/presenters/tree_builder.rb                     | 16 +++----
 app/presenters/tree_builder_foreman.rb             | 11 ++---
 .../provider_foreman_controller_spec.rb            |  4 +-
 10 files changed, 79 insertions(+), 53 deletions(-)

Comment 4 CFME Bot 2015-12-07 22:57:41 UTC
New commit detected on cfme/5.5.z:
https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=1cd23ef4dd1b6ae01ced329756ebd614281bb2d1

commit 1cd23ef4dd1b6ae01ced329756ebd614281bb2d1
Merge: 5694b4d 766b947
Author:     Dan Clarizio <dclarizi>
AuthorDate: Mon Dec 7 17:49:53 2015 -0500
Commit:     Dan Clarizio <dclarizi>
CommitDate: Mon Dec 7 17:49:53 2015 -0500

    Merge branch 'rbac_foreman' into '5.5.z'
    
    BZ1247715 - Apply RBAC filtering to the foreman tree objects
    
    Clean cherry-pick
    Upstream PR - https://github.com/ManageIQ/manageiq/pull/5665
    
    Apply RBAC filtering to the Foreman tree nodes based on the logged-in user's tag settings.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1247715
    
    See merge request !582

 app/controllers/application_controller.rb          | 25 +++++------
 app/controllers/provider_foreman_controller.rb     | 48 ++++++++++++++--------
 app/models/configuration_profile.rb                |  2 +-
 .../manageiq/providers/configuration_manager.rb    |  4 +-
 .../configuration_manager/configuration_profile.rb |  4 ++
 .../configuration_manager/configured_system.rb     |  4 ++
 app/models/rbac.rb                                 | 13 +++---
 app/presenters/tree_builder.rb                     | 16 ++++----
 app/presenters/tree_builder_foreman.rb             | 11 +++--
 .../provider_foreman_controller_spec.rb            | 29 +++++++++++++
 10 files changed, 106 insertions(+), 50 deletions(-)

Comment 5 CFME Bot 2015-12-07 22:57:45 UTC
New commit detected on cfme/5.5.z:
https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=4f2cfff4d55a7aa55614114864ba895b6f9be7ef

commit 4f2cfff4d55a7aa55614114864ba895b6f9be7ef
Author:     Aparna Karve <akarve>
AuthorDate: Wed Nov 25 14:49:27 2015 -0800
Commit:     Aparna Karve <akarve>
CommitDate: Fri Dec 4 09:52:11 2015 +0100

    Apply RBAC filtering to the foreman tree objects
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1247715

 app/controllers/application_controller.rb          | 25 +++++------
 app/controllers/provider_foreman_controller.rb     | 49 ++++++++++++++--------
 app/models/configuration_profile.rb                |  2 +-
 .../manageiq/providers/configuration_manager.rb    |  4 +-
 .../configuration_manager/configuration_profile.rb |  4 ++
 .../configuration_manager/configured_system.rb     |  4 ++
 app/models/rbac.rb                                 | 13 +++---
 app/presenters/tree_builder.rb                     | 16 +++----
 app/presenters/tree_builder_foreman.rb             | 11 ++---
 .../provider_foreman_controller_spec.rb            |  4 +-
 10 files changed, 79 insertions(+), 53 deletions(-)

Comment 7 Aziza Karol 2016-01-19 06:22:38 UTC
satellite provider accessible.

Verified in Verified in 5.5.2.1.20160114044944_395c086

Comment 9 errata-xmlrpc 2016-02-10 15:20:02 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:0159