Bug 1354572

Summary: Remove the view_params permission in favor of edit_params
Product: Red Hat Satellite Reporter: Ivan Necas <inecas>
Component: Users & RolesAssignee: satellite6-bugs <satellite6-bugs>
Status: CLOSED ERRATA QA Contact: Renzo Nuccitelli <rnuccite>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.2.0CC: bbuckingham, cwelton, ehelms, jmatthew, rnuccite
Target Milestone: UnspecifiedKeywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: foreman-1.11.0.46-1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-07-27 11:21:14 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ivan Necas 2016-07-11 15:27:40 UTC 
Description of problem:
The view_params permission was used in taxonomies to determine if the params in the taxonomy will be visible, The permissions is not used anywhere else. Therefore we should use the edit_params permissions to fix the params in taxonomies.

Version-Release number of selected component (if applicable):
6.2 beta 2

How reproducible:
always

Steps to Reproduce:
1. have non-admin user with edit_params permission
2. go to organization details


Actual results:
parameters tab missing

Expected results:
parameters tab is there and user is able to edit the params

Additional info:
Comment 4 Renzo Nuccitelli 2016-07-13 19:39:12 UTC 
I could not reproduce the bug. What I've done:

1.Create a Role in Administer -> Roles
2.On Role creation set Resource type to Parameters
3.On Role creation add permission edit_params
4.On Role creation set Resource type to Organization
5.On Role creation add permissions edit_organizations and
view_organizations
6.Create a non admin user in Administer -> Users
7.Add previous role to this user
8.Login with previous user credentials
9.Go to Organization -> Manage Organizations
10.Choose Default Organization
11.Assert "Parameters" tab is present

I have also removed the edit_params permission and asserted "Parameters" tab was not visible anymore.
Comment 5 Renzo Nuccitelli 2016-07-13 19:41:29 UTC 
(In reply to Renzo Nuccitelli from comment #4)
> I could not reproduce the bug. What I've done:
> 
> 1.Create a Role in Administer -> Roles
> 2.On Role creation set Resource type to Parameters
> 3.On Role creation add permission edit_params
> 4.On Role creation set Resource type to Organization
> 5.On Role creation add permissions edit_organizations and
> view_organizations
> 6.Create a non admin user in Administer -> Users
> 7.Add previous role to this user
> 8.Login with previous user credentials
> 9.Go to Organization -> Manage Organizations
> 10.Choose Default Organization
> 11.Assert "Parameters" tab is present
> 
> I have also removed the edit_params permission and asserted "Parameters" tab
> was not visible anymore.

In time, running rpm -q satellite I got the version:
satellite-6.2.0-20.0.el7sat.noarch
Comment 6 Bryan Kearney 2016-07-27 11:21:14 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:1501