Bug 1401912

Summary:	VM's owner can't access VMs if "Username" field contains uppercase letters
Product:	Red Hat CloudForms Management Engine	Reporter:	Oleksii Tsuman <otsuman>
Component:	Appliance	Assignee:	Joe Rafaniello <jrafanie>
Status:	CLOSED CURRENTRELEASE	QA Contact:	Satyajit Bulage <sbulage>
Severity:	medium	Docs Contact:
Priority:	unspecified
Version:	5.7.0	CC:	abellott, gtanzill, hkataria, jhardy, jrafanie, mpovolny, obarenbo, otsuman, rananda, sbulage, simaishi
Target Milestone:	GA	Keywords:	TestOnly, ZStream
Target Release:	5.8.0	Flags:	otsuman: automate_bug+
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:	vm:ownership
Fixed In Version:	5.8.0.0	Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:
Clones:	1411880 1412446 (view as bug list)		Environment:
Last Closed:	2017-06-12 17:21:22 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Bug Depends On:
Bug Blocks:	1411880, 1412446

Description Oleksii Tsuman 2016-12-06 11:52:16 UTC

Description of problem:
If created user's "username" field contains uppercase letters then after setting ownership to VM and relogining with this user VM will be absent. 

Version-Release number of selected component (if applicable):
5.7.0.13-rc3.20161129142908_1d51fd2


Steps to Reproduce:
1. Create Role (enable all Product Features) and Group 
2. Create User and set "username" field with lowercase and upper case letters (for ex. AaaAAbBBbb) and different from "Full Name" field 
3. Set VM ownership to this user
4. Logout and login with this new user
5. Go to Compute/Infrastructure/Virtual Machines 

Actual results:
VM absent 


Expected results:
VM present and accessible

Comment 2 CFME Bot 2016-12-16 19:21:18 UTC

https://github.com/ManageIQ/manageiq/pull/13226

Comment 3 Joe Rafaniello 2016-12-16 19:32:19 UTC

Note, QE, this only affects users with a role that is restricted with "Only user owned" or "Only user or group owned", otherwise known in the code as a restricted self service or self service user.

To recreate, all you have to do is create a role with either user only or user or group owned restrictions, put a user in a group having that role after you've set the user as the owner of that vm.

Comment 4 Joe Rafaniello 2016-12-16 20:04:16 UTC

Oleksii, can you confirm that the originally reported role is a user or user or group owned restricted role?  From unit and manual testing, I could only recreate this with roles that have these restrictions.

Comment 5 CFME Bot 2016-12-16 22:01:31 UTC

New commit detected on ManageIQ/manageiq/master:
https://github.com/ManageIQ/manageiq/commit/97b6b8914fb82b7fd197fdd98741b5d9bc1245b1

commit 97b6b8914fb82b7fd197fdd98741b5d9bc1245b1
Author:     Joe Rafaniello <jrafanie>
AuthorDate: Fri Dec 16 13:56:55 2016 -0500
Commit:     Joe Rafaniello <jrafanie>
CommitDate: Fri Dec 16 14:10:11 2016 -0500

    Case insensitive search of the current user
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1401912
    
    Note, we were only downcasing the userids in the users table,
    so a mixed case logged in userid would never match.
    
    This would cause a logged in self service user with mixed case
    userid to not see vms they own.
    
    This was broken here:
    9b897c35a92d9d4
    
    As part of:
    https://github.com/ManageIQ/manageiq/pull/11992
    
    We're fixing much like we did with groups here:
    https://github.com/ManageIQ/manageiq/pull/12114

 app/models/mixins/ownership_mixin.rb                               | 2 +-
 spec/support/examples_group/shared_examples_for_ownership_mixin.rb | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)

Comment 10 CFME Bot 2017-01-20 16:51:21 UTC

New commit detected on ManageIQ/manageiq/darga:
https://github.com/ManageIQ/manageiq/commit/e7dbb06aa498db4a4d86616aa73461cad0b1f52c

commit e7dbb06aa498db4a4d86616aa73461cad0b1f52c
Author:     Joe Rafaniello <jrafanie>
AuthorDate: Fri Dec 16 13:56:55 2016 -0500
Commit:     Joe Rafaniello <jrafanie>
CommitDate: Mon Jan 16 15:04:42 2017 -0500

    Case insensitive search of the current user
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1401912
    
    Note, we were only downcasing the userids in the users table,
    so a mixed case logged in userid would never match.
    
    This would cause a logged in self service user with mixed case
    userid to not see vms they own.
    
    This was broken here:
    9b897c35a92d9d4
    
    As part of:
    https://github.com/ManageIQ/manageiq/pull/11992
    
    We're fixing much like we did with groups here:
    https://github.com/ManageIQ/manageiq/pull/12114

 app/models/mixins/ownership_mixin.rb                               | 2 +-
 spec/support/examples_group/shared_examples_for_ownership_mixin.rb | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

Comment 11 Satyajit Bulage 2017-04-12 13:44:45 UTC

After following steps mentioned in description created a user with "TeStTeSt" username and Full Name is "Full Name" and VM's are present and are accessible.