Bug 1283274

Summary: Tenant administrator has no rights to create new Cloud instances
Product: Red Hat CloudForms Management Engine Reporter: Pavol Kotvan <pakotvan>
Component: UI - OPSAssignee: Zita Nemeckova <znemecko>
Status: CLOSED ERRATA QA Contact: Pavol Kotvan <pakotvan>
Severity: medium Docs Contact:
Priority: medium    
Version: 5.5.0CC: hkataria, jhardy, mpovolny, obarenbo, simaishi
Target Milestone: GA   
Target Release: 5.6.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: rbac:tenant_cfme
Fixed In Version: 5.6.0.6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-06-29 15:09:35 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: Bug
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Pavol Kotvan 2015-11-18 15:13:06 UTC 
Description of problem:
When tenant admin would like to add new Cloud instance, he cannot see Lifecycle button and therefore he is not able provision new instances.

Version-Release number of selected component (if applicable):
5.5.0.10-beta2.1.20151110134042_d6f5459

How reproducible:
always

Steps to Reproduce:
1. Create new tenant
2. Create new group, assign tenant and EvmRole-tenant_administrator role to it
3. Create new tenant admin user and assign group created in previous step to this user
4. Login as tenant admin
5. Go to Cloud -> Instances

Actual results:
Tenant administrator has no rights to create new Cloud instances. There is Lifecycle button missing.

Expected results:
Tenant admin is able to create new instances.

Additional info:
This was tested with RHOS7-GA and Amazon providers. Superadmin can add new instances.
Comment 3 Harpreet Kataria 2016-05-04 14:40:52 UTC 
Zita,

all_vm_rules is missing from OOTB tenant admin roles EvmRole-tenant_administrator, EvmRole-tenant_quota_administrator in db/fixtures/miq_user_roles.yml 
Above mentioned both roles already have access to VM* explorers.
Let me know if you have questions.

Thanks,
~Harpreet
Comment 4 CFME Bot 2016-05-05 12:20:43 UTC 
https://github.com/ManageIQ/manageiq/pull/8477
Comment 5 CFME Bot 2016-05-06 22:05:46 UTC 
New commit detected on ManageIQ/manageiq/master:
https://github.com/ManageIQ/manageiq/commit/92f7235d2b21d83f33a905d81c91e634ca514795

commit 92f7235d2b21d83f33a905d81c91e634ca514795
Author:     Zita Nemeckova <znemecko>
AuthorDate: Thu May 5 14:09:31 2016 +0200
Commit:     Zita Nemeckova <znemecko>
CommitDate: Thu May 5 14:09:31 2016 +0200

    Add rights to tenant administrator to create new Cloud instance
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1283274

 db/fixtures/miq_user_roles.yml | 2 ++
 1 file changed, 2 insertions(+)
Comment 6 CFME Bot 2016-05-17 17:24:48 UTC 
https://github.com/ManageIQ/manageiq/pull/8473
Comment 9 errata-xmlrpc 2016-06-29 15:09:35 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:1348