Bug 1568045

Summary: Control->Explorer is visible for evmgroup-security role
Product: Red Hat CloudForms Management Engine Reporter: Satoe Imaishi <simaishi>
Component: UI - OPSAssignee: Harpreet Kataria <hkataria>
Status: CLOSED ERRATA QA Contact: Mike Shriver <mshriver>
Severity: medium Docs Contact:
Priority: high    
Version: 5.8.0CC: apagac, cpelland, hkataria, jhardy, lavenel, mpovolny, mshriver, obarenbo, simaishi
Target Milestone: GAKeywords: ZStream
Target Release: 5.8.4   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: rbac:control
Fixed In Version: 5.8.4.2 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1525598 Environment:
Last Closed: 2018-06-25 14:20:05 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: CFME Core Target Upstream Version:
Embargoed:
Bug Depends On: 1525598    
Bug Blocks:    

Comment 2 CFME Bot 2018-04-16 21:36:45 UTC 
New commit detected on ManageIQ/manageiq/fine:

https://github.com/ManageIQ/manageiq/commit/3fe4c1a7e3289f8bfb1f38ebb861a0956b0cad98
commit 3fe4c1a7e3289f8bfb1f38ebb861a0956b0cad98
Author:     Dan Clarizio <dclarizi>
AuthorDate: Tue Jan  9 16:39:48 2018 -0500
Commit:     Dan Clarizio <dclarizi>
CommitDate: Tue Jan  9 16:39:48 2018 -0500

    Merge pull request #16780 from h-kataria/controle_explorer_feature_access_fix

    Fixed control explorer feature id
    (cherry picked from commit 90052b1e8568e688ebe317370d3824c7c3d7ecaf)

    Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1568045

 db/fixtures/miq_user_roles.yml | 8 +-
 1 file changed, 4 insertions(+), 4 deletions(-)
Comment 4 Mike Shriver 2018-04-30 13:54:53 UTC 
Tested in 5.8.4.2.20180424224202_be9b69f

Control->Explorer access has been added to the evm-security role, granting users that are members of the EvmGroup-Security group access to the page.

BZ was written for mismatch between access tree and user's access when logged in. The RBAC access now matches the access control tree, and the BZ has been resolved.
Comment 5 Mike Shriver 2018-04-30 14:02:50 UTC 
Additionally the same access control tree modification has been made to the other roles impacted by this BZ:

EvmRole-support
EvmRole-auditor
EvmRole-approver
Comment 7 errata-xmlrpc 2018-06-25 14:20:05 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:1972