Bug 1531499

Summary: Automation->Ansible is visible for multiple roles when it should not be
Product: Red Hat CloudForms Management Engine Reporter: Antonin Pagac <apagac>
Component: UI - OPSAssignee: lgalis
Status: CLOSED ERRATA QA Contact: Mike Shriver <mshriver>
Severity: medium Docs Contact:
Priority: high    
Version: 5.8.0CC: apagac, cpelland, dajohnso, hkataria, lavenel, mpovolny, mshriver, obarenbo, simaishi
Target Milestone: GAKeywords: ZStream
Target Release: 5.8.4Flags: mshriver: automate_bug+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: rbac:ansible
Fixed In Version: 5.8.4.1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-06-25 14:17:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: Bug
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: Ansible

Description Antonin Pagac 2018-01-05 10:42:22 UTC
Description of problem:
Automation -> Ansible is visible in the vertical navigation for roles that don't have permission to access it. These roles are affected:

EvmRole-administrator
EvmRole-user_self_service
EvmRole-vm_user
EvmRole-desktop

Version-Release number of selected component (if applicable):
5.8.3.0

How reproducible:
Always

Steps to Reproduce:
1. Create user with any of the roles listed above
2. Login as created user
3. Notice visibility of Automation->Ansible in vertical nav

Actual results:
Automation->Ansible is visible

Expected results:
Automation->Ansible should not be visible

Additional info:
Tested with a ldap user.

Comment 8 Mike Shriver 2018-04-17 15:09:56 UTC
Testing in CFME 5.8.4.1.20180413183721_10e9d3b

EvmRole_administrator, EvmRole-user_self_service, EvmRole-vm_user roles now have Automation->Ansible access in RBAC tree and see the pages in navigation [PASS]

EvmRole-desktop: RBAC does not include Automation->Ansible, and the pages are NOT visible in navigation. [PASS]

The role's RBAC access concerning Automation->Ansible has been resolved.

Comment 10 errata-xmlrpc 2018-06-25 14:17:08 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:1972