Bug 1317828

Summary: Edit components displayed when user is not allowed to edit
Product: Red Hat Satellite Reporter: Kenny Tordeurs <ktordeur>
Component: Users & RolesAssignee: David Davis <daviddavis>
Status: CLOSED ERRATA QA Contact: Bruno Rocha <rochacbruno>
Severity: low Docs Contact:
Priority: low    
Version: 6.1.7CC: abalakht, bbuckingham, jcallaha, rochacbruno, thomas.betrancourt
Target Milestone: UnspecifiedKeywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1426687 (view as bug list) Environment:
Last Closed: 2018-02-21 16:49:54 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
role_filters
none
docker_content
none
yum_content
none
Verification_role_filters
none
verification_yum_content_ok none

Description Kenny Tordeurs 2016-03-15 10:18:42 UTC 
Created attachment 1136498 [details]
role_filters

Description of problem:
A role is defined which allows Users to:
- Publish a new version of a content view 
- Promote a version to a LifeCycle Environment 
- Remove a version from a LifeCycle Environment

On the "Yum Content" > "Repositories page, "List/Remove" and "Add" tabs are displayed but User cannot Add or Remove repositories  
Same for the "Docker Content" tab.

Version-Release number of selected component (if applicable):
Satellite 6.1.7

How reproducible:
100%

Steps to Reproduce:
1. Define a role as mentioned in the description
2. Navigate to content views
3. Verify yum content and docker content for "List/Remove" and "Add" tabs

Actual results:
Shows "List/Remove" and "Add" tabs while the user has no rights for it.

Expected results:
Just show read-only lists.

Additional info:
Comment 1 Kenny Tordeurs 2016-03-15 10:19:06 UTC 
Created attachment 1136499 [details]
docker_content
Comment 2 Kenny Tordeurs 2016-03-15 10:19:29 UTC 
Created attachment 1136500 [details]
yum_content
Comment 3 Bryan Kearney 2016-07-20 18:10:54 UTC 
Upstream bug assigned to cfouant
Comment 4 Bryan Kearney 2016-07-26 19:01:44 UTC 
Moving 6.2 bugs out to sat-backlog.
Comment 5 Bryan Kearney 2016-08-03 18:12:51 UTC 
Upstream bug assigned to daviddavis
Comment 6 Bryan Kearney 2016-09-29 16:14:28 UTC 
Moving this bug to POST for triage into Satellite 6 since the upstream issue http://projects.theforeman.org/issues/13934 has been resolved.
Comment 11 Bruno Rocha 2016-11-09 22:57:31 UTC 
Created attachment 1219107 [details]
Verification_role_filters
Comment 12 Bruno Rocha 2016-11-09 22:58:07 UTC 
Created attachment 1219109 [details]
verification_yum_content_ok
Comment 13 Bruno Rocha 2016-11-09 23:04:13 UTC 
Verified in:

satellite-6.3.0-6.1.beta.el7sat.noarch - RHEL6 and RHEL7

Conclusion:

As in attached images, now it is needed more filters added to the role such as "access_dashboard" and "view_hosts", but all "read_only" filters.

User was able to see ContentView - Yum Content and "List/Remove" and "Add" tabs not shown.
Comment 14 Satellite Program 2018-02-21 16:49:54 UTC 
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.

For information on the advisory, and where to find the updated files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:0336