Bug 1698819

Summary: ClusterReader user can not get cluster operator and get cluster version
Product: OpenShift Container Platform Reporter: yufchang <yufchang>
Component: apiserver-authAssignee: Erica von Buelow <evb>
Status: CLOSED DUPLICATE QA Contact: Chuan Yu <chuyu>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.1.0CC: aos-bugs, mkhan
Target Milestone: ---Keywords: OnlineStarter
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-04-11 11:15:34 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description yufchang 2019-04-11 09:35:40 UTC 
Description of problem:
User with ClusterReader role can not get cluster operators and get clusterversion.

Version-Release number of selected component (if applicable):
4.0.0-0.9

How reproducible:
always

Steps to Reproduce:
1.login with a ClusterReader account;
2.oc get clusterversion
3. the same with getting clusteroperator.

Actual results:
Error from server (Forbidden): clusterversions.config.openshift.io is forbidden

Expected results:
succeed in geting cluster version and cluster operator

Additional info:
Comment 1 Mo 2019-04-11 11:15:34 UTC 

*** This bug has been marked as a duplicate of bug 1697638 ***