Bug 1460979

Summary: Tag Visibility | Access Controll: All users, groups, and tenants are visible for restricted user
Product: Red Hat CloudForms Management Engine Reporter: Ruslana Babyuk <rbabyuk>
Component: ApplianceAssignee: Libor Pichler <lpichler>
Status: CLOSED ERRATA QA Contact: Ruslana Babyuk <rbabyuk>
Severity: high Docs Contact:
Priority: high    
Version: 5.7.0CC: abellott, cpelland, dajohnso, gtanzill, jhardy, jrafanie, lpichler, obarenbo, simaishi
Target Milestone: GAKeywords: ZStream
Target Release: 5.7.3   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: ui:tag
Fixed In Version: 5.7.3.2 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1442972 Environment:
Last Closed: 2017-06-28 15:04:49 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: CFME Core Target Upstream Version:
Embargoed:
Bug Depends On: 1442972    
Bug Blocks: 1447372    

Comment 4 CFME Bot 2017-06-20 13:46:07 UTC 
New commit detected on ManageIQ/manageiq/euwe:
https://github.com/ManageIQ/manageiq/commit/b18f9982c9d07bec923f2e86823032ccc33b1cf1

commit b18f9982c9d07bec923f2e86823032ccc33b1cf1
Author:     Šimon Lukašík <isimluk>
AuthorDate: Tue May 2 14:03:38 2017 +0200
Commit:     Satoe Imaishi <simaishi>
CommitDate: Tue Jun 20 09:45:13 2017 -0400

    Merge pull request #14898 from lpichler/rbac_for_user_model_by_role
    
    RBAC for User model regard to allowed role
    (cherry picked from commit 5697c1c4d19c057fa0dbc55b82b83d25b9f17a42)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1460979

 app/models/user.rb             |  4 ++++
 lib/rbac/filterer.rb           |  2 +-
 spec/lib/rbac/filterer_spec.rb | 11 +++++++++++
 3 files changed, 16 insertions(+), 1 deletion(-)
Comment 5 CFME Bot 2017-06-20 13:56:09 UTC 
New commit detected on ManageIQ/manageiq/euwe:
https://github.com/ManageIQ/manageiq/commit/904386f381cc447ac8acb6c90a446257d646a329

commit 904386f381cc447ac8acb6c90a446257d646a329
Author:     Gregg Tanzillo <gtanzill>
AuthorDate: Tue May 2 09:14:56 2017 -0400
Commit:     Satoe Imaishi <simaishi>
CommitDate: Tue Jun 20 09:46:32 2017 -0400

    Merge pull request #14901 from lpichler/join_rbac_for_role_user_and_group_to_one_if_branch
    
    Join RBAC check for MiqUserRole, User and MiqGroup to one if branch
    (cherry picked from commit b8adc2579749cf3ee7ea096f660ae7cc61961e86)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1460979

 lib/rbac/filterer.rb | 23 ++++++++++++++---------
 1 file changed, 14 insertions(+), 9 deletions(-)
Comment 6 CFME Bot 2017-06-20 13:56:16 UTC 
New commit detected on ManageIQ/manageiq/euwe:
https://github.com/ManageIQ/manageiq/commit/3c74854045dd9015718814f9c2ad447dc439aceb

commit 3c74854045dd9015718814f9c2ad447dc439aceb
Author:     Gregg Tanzillo <gtanzill>
AuthorDate: Tue May 2 09:55:06 2017 -0400
Commit:     Satoe Imaishi <simaishi>
CommitDate: Tue Jun 20 09:47:40 2017 -0400

    Merge pull request #14903 from lpichler/tag_visibility_for_user_and_groups
    
    Tag visibility for User and MiqGroup model
    (cherry picked from commit 8340d21ae22c24bd1f5881e413065136c48a3d69)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1460979

 lib/rbac/filterer.rb           | 18 ++++++++++++------
 spec/lib/rbac/filterer_spec.rb | 38 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 50 insertions(+), 6 deletions(-)
Comment 8 errata-xmlrpc 2017-06-28 15:04:49 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:1601