Bug 1309737

https://github.com/ManageIQ/manageiq/pull/6864

New commit detected on ManageIQ/manageiq/master:
https://github.com/ManageIQ/manageiq/commit/2352bb7936957ac5566e8c0d08cef6e41326c6ea

commit 2352bb7936957ac5566e8c0d08cef6e41326c6ea
Author:     Harpreet Kataria <hkataria>
AuthorDate: Mon Feb 22 14:21:54 2016 -0500
Commit:     Harpreet Kataria <hkataria>
CommitDate: Mon Feb 22 15:03:59 2016 -0500

    Redirect user to appropriate screen when rbac access is not allowed.
    
    When clicking on a link to go to a VM summary screen from dashboard widgets redirect user to Workloads explorer when user is not allowed to see Infrastructure/Virtual Machines or Cloud/Instances explorer based upon record type. Redirect user back to Dashboard with a flash message when user does not have access to any of the VM accordions in VM* explorers.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1309473
    https://bugzilla.redhat.com/show_bug.cgi?id=1309737

 app/controllers/vm_common.rb       | 28 ++++++++++++++++++++++++++--
 app/views/dashboard/show.html.haml |  1 +
 spec/controllers/vm_common_spec.rb | 36 ++++++++++++++++++++++++++++++++++++
 3 files changed, 63 insertions(+), 2 deletions(-)

http://gitlab.cloudforms.lab.eng.rdu2.redhat.com/cloudforms/cfme/merge_requests/822

New commit detected on cfme/5.5.z:
https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=1b19cfa424671588590eef59b43825c82e243634

commit 1b19cfa424671588590eef59b43825c82e243634
Merge: f91c73d 1659678
Author:     Dan Clarizio <dclarizi>
AuthorDate: Mon Feb 29 09:37:43 2016 -0500
Commit:     Dan Clarizio <dclarizi>
CommitDate: Mon Feb 29 09:37:43 2016 -0500

    Merge branch '55z_pr_6864' into '5.5.z'
    
    Redirect user to appropriate screen when rbac access is not allowed.
    
    When clicking on a link to go to a VM summary screen from dashboard widgets redirect user to Workloads explorer when user is not allowed to see Infrastructure/Virtual Machines or Cloud/Instances explorer based upon record type. Redirect user back to Dashboard with a flash message when user does not have access to any of the VM accordions in VM* explorers.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1309473
    https://bugzilla.redhat.com/show_bug.cgi?id=1309737
    (cherry picked from commit 2352bb7)
    
    @dclarizi please review/merge, this is clean cherry-pick for https://github.com/ManageIQ/manageiq/pull/6864
    
    See merge request !822

 app/controllers/vm_common.rb       | 28 ++++++++++++++++++++++++++--
 app/views/dashboard/show.html.haml |  1 +
 spec/controllers/vm_common_spec.rb | 29 +++++++++++++++++++++++++++++
 3 files changed, 56 insertions(+), 2 deletions(-)

New commit detected on cfme/5.5.z:
https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=1659678441549b179e4f47dee6b2901d0d1857ef

commit 1659678441549b179e4f47dee6b2901d0d1857ef
Author:     Harpreet Kataria <hkataria>
AuthorDate: Mon Feb 22 14:21:54 2016 -0500
Commit:     Harpreet Kataria <hkataria>
CommitDate: Fri Feb 26 19:00:08 2016 -0500

    Redirect user to appropriate screen when rbac access is not allowed.
    
    When clicking on a link to go to a VM summary screen from dashboard widgets redirect user to Workloads explorer when user is not allowed to see Infrastructure/Virtual Machines or Cloud/Instances explorer based upon record type. Redirect user back to Dashboard with a flash message when user does not have access to any of the VM accordions in VM* explorers.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1309473
    https://bugzilla.redhat.com/show_bug.cgi?id=1309737
    (cherry picked from commit 2352bb7)

 app/controllers/vm_common.rb       | 28 ++++++++++++++++++++++++++--
 app/views/dashboard/show.html.haml |  1 +
 spec/controllers/vm_common_spec.rb | 29 +++++++++++++++++++++++++++++
 3 files changed, 56 insertions(+), 2 deletions(-)

https://github.com/ManageIQ/manageiq/pull/6946

I was unable to verify this bug. Tested on 5.5.3.2.20160318152106_92d2d67 and 5.6.0.0-pre-nightly.20160321091612_a8eb2ed. My steps to reproduce:
1. Added an infrastructure provider.
2. Created a "self-service" Role with only enabled Dashboard and Workloads feature, VM & Template Access Restriction is None.
3. Created a "self-service" Group with "self-service"
4. Created a user with "self-service" Group
5. Logined as just created user.
6. Tried to click on any VM in widget "EVM: Recently Discovered VMs"
Actual results:
The same error is thrown as in original bug screenshot.

Dmitry,

Can you attach a screenshot of features that are allowed for the role that you are login as. Does the role have access to see a VM summary screen, under "Access Rules for all Virtual Machines". Let me know if i can access your appliance to recreate the issue.

Thanks,
~Harpreet

Created attachment 1141864 [details]
Screenshot showing product features for self-service user

After enabling access to see a VM summary screen, under "Access Rules for all Virtual Machines", I was able to verify this bug in 5.5.3.2.20160318152106_92d2d67. Thanks Harpreet.

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:0616