Bug 1418269

Summary: Missing common error templates (incl. missing permission)
Product: Red Hat Satellite
Reporter: Lukas Zapletal <lzap>
Component: WebUI
Assignee: Justin Sherrill <jsherril>
WebUI sub component: Katello
QA Contact: Roman Plevka <rplevka>
Status: CLOSED ERRATA
Severity: medium
Priority: medium
CC: bbuckingham, bkearney, jcallaha, mtaru, rplevka, tbrisker
Version: 6.2.7
Keywords: Triaged
Target Milestone: 6.4.0
Target Release: Unused
Hardware: Unspecified
OS: Unspecified
URL: http://projects.theforeman.org/issues/18338
Doc Type: If docs needed, set a value
Last Closed: 2018-10-16 19:05:32 UTC
Type: Bug

Description Lukas Zapletal 2017-02-01 12:22:32 UTC
Hello,

in the main application controller we redirect to common/4xx views, but these are not present, causing the Rails app to crash with a generic 500:

[lzap@lzapx katello]$ ag common/40
app/controllers/katello/application_controller.rb
299:        format.html { render :template => "katello/common/403", :layout => !request.xhr?, :status => 403 }
313:        format.html { render :template => "katello/common/404", :layout => !request.xhr?, :status => 404 }
360:          render :template => 'katello/common/400', :layout => !request.xhr?, :status => status,

I experienced this with Satellite 6.2. If this is an easy fix, please file a backport BZ, thanks.

2017-02-01 06:17:22 [app] [I] Started GET "/katello/403" for 10.40.204.143 at 2017-02-01 06:17:22 -0500
2017-02-01 06:17:22 [app] [I] Processing by Katello::ApplicationController#permission_denied as HTML
2017-02-01 06:17:22 [app] [I] Completed 500 Internal Server Error in 128ms
2017-02-01 06:17:22 [app] [F] 
 | ActionView::MissingTemplate (Missing template katello/common/403 with {:locale=>[:en], :formats=>[:html], :variants=>[], :handlers=>[:erb, :builder, :raw, :ruby, :rabl]}. Searched in:
 |   * "/usr/share/foreman/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_remote_execution-0.3.0.13/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-0.5.3.18/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_discovery-5.0.0.9/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/redhat_access-1.0.13/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.0.0.95/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman-tasks-0.7.14.11/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/bastion-3.2.0.10/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_bootdisk-6.1.0.3/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_docker-2.0.1.11/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_theme_satellite-0.1.38/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/apipie-rails-0.3.6/app/views" 
 | ):
 |   katello (3.0.0.95) app/controllers/katello/application_controller.rb:290:in `block (2 levels) in render_403'
 |   katello (3.0.0.95) app/controllers/katello/application_controller.rb:289:in `render_403'
 |   app/controllers/application_controller.rb:61:in `deny_access'
 |   app/controllers/application_controller.rb:53:in `authorize'
 |   lib/middleware/catch_json_parse_errors.rb:9:in `call'
 | 

When implementing this, if you decide not to use Foreman core error pages, please render the missing permission for 403 errors; this is very important. Users struggle to find the correct permissions, and the Foreman core 403 page already shows that. See #12754 for more details.

This is a bastion issue. Can't find the correct component for it, set WebUI for now.

TRIAGE NOTES: Please backport, high impact (all customers trying to set up role permissions), low effort (we just need a missing template or a redirect to the foreman core template), improved SELF-HEALING capabilities, very important.
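
A check for the failure described in this report, as an added example that is not part of the original bug report or of Katello's code: it scans controller sources for `render :template => "..."` calls and lists those whose template file exists under none of the view roots, which is the condition that turned the 403 path into a 500. The file tree is a constructed sample (with one template deliberately present for contrast), and the lookup is a simplification of Rails template resolution that only checks for a file named `<template>.*`.

```ruby
require "tmpdir"
require "fileutils"

# Matches both hash styles: render :template => "x/y" and render template: 'x/y'
TEMPLATE_RE = /render\s*\(?\s*(?::template\s*=>|template:)\s*["']([^"']+)["']/

# Returns [[file, line_no, template], ...] for every render call whose
# template cannot be found under any of the given view roots.
# Simplification: a template counts as present if any file "<template>.*"
# exists; real Rails lookup also filters by locale, format and handler.
def missing_templates(controller_files, view_roots)
  missing = []
  controller_files.each do |file|
    File.foreach(file).with_index(1) do |line, no|
      line.scan(TEMPLATE_RE).flatten.each do |tpl|
        found = view_roots.any? { |root| !Dir.glob(File.join(root, "#{tpl}.*")).empty? }
        missing << [file, no, tpl] unless found
      end
    end
  end
  missing
end

# Constructed sample: three render calls modelled on the ones quoted in the
# report, with only the 404 view present on disk.
def demo
  Dir.mktmpdir do |dir|
    ctrl = File.join(dir, "app/controllers/katello/application_controller.rb")
    FileUtils.mkdir_p(File.dirname(ctrl))
    File.write(ctrl, <<~RUBY)
      format.html { render :template => "katello/common/403", :layout => !request.xhr?, :status => 403 }
      format.html { render :template => "katello/common/404", :layout => !request.xhr?, :status => 404 }
      render :template => 'katello/common/400', :layout => !request.xhr?, :status => status
    RUBY
    views = File.join(dir, "app/views")
    FileUtils.mkdir_p(File.join(views, "katello/common"))
    File.write(File.join(views, "katello/common/404.html.erb"), "<h1>Not found</h1>")
    # Report [line, template] pairs so the result does not depend on the temp path.
    missing_templates([ctrl], [views]).map { |_file, no, tpl| [no, tpl] }
  end
end

p demo if __FILE__ == $PROGRAM_NAME
```

Run against a real checkout, the view roots would be the application's `app/views` plus each plugin gem's `app/views`, matching the search list in the `ActionView::MissingTemplate` message.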

Comment 2 Marek Hulan 2017-04-28 10:57:56 UTC
*** Bug 1443817 has been marked as a duplicate of this bug. ***

Comment 3 Satellite Program 2017-07-06 18:11:27 UTC
Upstream bug assigned to jsherril

Comment 5 Satellite Program 2017-07-19 22:11:31 UTC
Moving this bug to POST for triage into Satellite 6 since the upstream issue http://projects.theforeman.org/issues/18338 has been resolved.

Comment 7 Roman Plevka 2018-09-14 09:08:07 UTC
VERIFIED
on sat6.4.0-21

the error pages now show properly
- tested on 403 and 404.

403:

2018-09-14T05:03:33 [I|app|] Started GET "/job_invocations/2" for 10.40.205.144 at 2018-09-14 05:03:33 -0400
2018-09-14T05:03:33 [I|app|c8de7] Processing by JobInvocationsController#show as HTML
2018-09-14T05:03:33 [I|app|c8de7]   Parameters: {"id"=>"2"}
2018-09-14T05:03:33 [I|app|c8de7] Current user: foo (regular user)
2018-09-14T05:03:33 [I|app|c8de7]   Rendering common/403.html.erb within layouts/application
...
2018-09-14T05:03:33 [I|app|c8de7]   Rendered layouts/base.html.erb (20.8ms)
2018-09-14T05:03:33 [I|app|c8de7] Filter chain halted as :authorize rendered or redirected
2018-09-14T05:03:33 [I|app|c8de7] Completed 403 Forbidden in 44ms (Views: 23.8ms | ActiveRecord: 4.5ms)

for 404:

2018-09-14T05:05:31 [I|app|] Started GET "/foreman_tasks/tasks/1" for 10.40.205.144 at 2018-09-14 05:05:31 -0400
2018-09-14T05:05:31 [I|app|2860f] Processing by ForemanTasks::TasksController#show as HTML
2018-09-14T05:05:31 [I|app|2860f]   Parameters: {"id"=>"1"}
2018-09-14T05:05:31 [I|app|2860f] Current user: foo (regular user)
2018-09-14T05:05:31 [I|app|2860f]   Rendering common/404.html.erb within layouts/application
2018-09-14T05:05:31 [I|app|2860f]   Rendered common/404.html.erb within layouts/application (3.2ms)
2018-09-14T05:05:31 [I|app|2860f]   Rendered layouts/_application_content.html.erb (1.3ms)
2018-09-14T05:05:31 [I|app|2860f]   Rendering layouts/base.html.erb
2018-09-14T05:05:31 [I|app|2860f]   Rendered layouts/base.html.erb (1.7ms)
2018-09-14T05:05:31 [I|app|2860f] Completed 404 Not Found in 30ms (Views: 9.0ms | ActiveRecord: 4.0ms)

Comment 8 Bryan Kearney 2018-10-16 19:05:32 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:2927