Bug 1320065

Summary: Multiple host action buttons use incorrect permissions for display
Product: Red Hat Satellite Reporter: Tomer Brisker <tbrisker>
Component: Users & RolesAssignee: Tomer Brisker <tbrisker>
Status: CLOSED ERRATA QA Contact: jcallaha
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.0.4CC: bbuckingham, jcallaha, omaciel
Target Milestone: UnspecifiedKeywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
URL: http://projects.theforeman.org/issues/14310
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-07-27 11:08:59 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Tomer Brisker 2016-03-22 09:14:02 UTC 
Currently, the multiples host action button dropdown will display all actions to any user with the `edit_hosts` or `destroy_hosts` permission.
In addition, the `New Host` button will not display for users with only the `create_hosts` permission.
Comment 1 Tomer Brisker 2016-03-22 09:14:05 UTC 
Created from redmine issue http://projects.theforeman.org/issues/14310
Comment 2 Tomer Brisker 2016-03-22 09:14:09 UTC 
Upstream bug assigned to tbrisker
Comment 4 Bryan Kearney 2016-03-24 16:09:42 UTC 
Moving to POST since upstream bug http://projects.theforeman.org/issues/14310 has been closed
-------------
Anonymous
Applied in changeset commit:29c5556a341f0f26ed701d92a6a2ea0203e8e533.
Comment 5 jcallaha 2016-06-16 17:51:52 UTC 

Difference between Administrator tasks that a user with 'Edit Host' roles doesn't have.
Change Puppet Master
Change Puppet CA
Change Power State

There are no more create or destroy hosts permissions. However, a user with 'Edit Host' permissions is able to create and delete hosts.

If you want to further limit the actions a user can take against a host, use the 'View Hosts' role. That only leaves the following actions.
Assign Compliance Policy
Unassign Compliance Policy
Run Job
Comment 6 Bryan Kearney 2016-07-27 11:08:59 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:1501