Bug 1415204
| Summary: | non admin user is not able to upload packages to the yum type repository | ||
|---|---|---|---|
| Product: | Red Hat Satellite | Reporter: | Roman Bobek <rbobek> |
| Component: | Repositories | Assignee: | satellite6-bugs <satellite6-bugs> |
| Status: | CLOSED DUPLICATE | QA Contact: | Katello QA List <katello-qa-list> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 6.2.6 | CC: | bbuckingham, dhlavacd, jcallaha, ktordeur, mhulan, rbobek, xdmoon |
| Target Milestone: | Unspecified | Keywords: | Triaged |
| Target Release: | Unused | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2017-05-31 19:42:48 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
This does not seem to be generic permissions issue rather than the page with upload form does not check specific permission correctly. Moving to repositories component. Hello Roman, I am not able to reproduce the issue with the steps above on 6.2.4, 6.2.6 or on the upstream. If I remove the 'destroy_products' permission, I am able to reproduce it. Is that the scenario/configuration that you intended to report? If not, if you have an internal reproducer, can we access it? In other words, the user has the following permissions: Resource: Product and Repositories Permissions: view_products, create_products, edit_products, destroy_products, sync_products, export_products And not the following: Resource: Product and Repositories Permissions: view_products, create_products, edit_products, sync_products, export_products I am seeing the exact same behavior on both 6.2.4 and 6.2.6; therefore, access to an internal reproducer (if one is available) would be useful. (In reply to Brad Buckingham from comment #5) > I am seeing the exact same behavior on both 6.2.4 and 6.2.6; therefore, > access to an internal reproducer (if one is available) would be useful. Hello Brad, this is strange. I'm testing it on 6.2.7 and it works fine now. The destroy_products was present at the role before. I will update the customer and ask him for verification. Regards, -Roman Hi Roman, I came across another bugzilla today that has a very similar description. I suspect that the issue here may actually be the same and it does require a small code change. Care to take a quick look? If it is, we can mark this one as a duplicate. The other bz is bug 1429624. thanks, Brad (In reply to Brad Buckingham from comment #7) Hello Brad, yes, this BZ is a duplicate of Bug 1429624 and can be closed. Regards, -Roman *** This bug has been marked as a duplicate of bug 1429624 *** |
Description of problem: When I create a non admin user with a role which contains all permissions (most importantly the 'destroy_products' permission) from 'Products and Repositories' resource group, I'm not able to upload a new packages in the repository of type yum. The upload dialog is completely missing. Steps to Reproduce: 1. Create new user (Administer > Users > New User), assign him e-mail, organization, location and password (tested on Internal authorization method) 2. Create new role (Administer > Roles > New Role) 3. In the role create New filter with following permissions: * Resource type: Product and Repositories * Selected items: create_products edit_products destroy_products sync_products export_products view_products 4. Assign the role to the created user (Administer > Users > user > Roles tab > Choose the role > Submit 5. Choose some custom product with repository type 'yum' 6. Click the repository Actual results: The upload dialog is completely missing. Expected results: The upload dialog is present and the user is allowed to upload packages into the repository. Additional info: * I have tested this on Satellite 6.2.4 and it's working there * The relevant permission, which grants access to the upload dialog is probably destroy_products * Same setup on Satellite 6.2.6 does not work * On both 6.2.4 and 6.2.6 the user with this permissions is not allowed to create new repository in the product