Bug 1703041

Summary: [RFE] verbose output for failing upgrade checks
Product: Red Hat Satellite Reporter: Evgeni Golov <egolov>
Component: Satellite MaintainAssignee: Anurag Patel <apatel>
Status: CLOSED ERRATA QA Contact: Gaurav Talreja <gtalreja>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.5.0CC: ahumbe, andrew.schofield, apatel, bkearney, bshahu, ehelms, gtalreja, hajek, hasuzuki, inecas, jjeffers, jpathan, kgaikwad, mbacovsk, rbertolj, rcavalca, vmeghana
Target Milestone: 6.10.0Keywords: FutureFeature
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1908846 (view as bug list) Environment:
Last Closed: 2021-11-16 13:48:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Evgeni Golov 2019-04-25 11:11:06 UTC 
Description of problem:
When running `foreman-maintain upgrade check --target-version 6.5` it tells me that I have corrupted roles (Check for roles that have filters with multiple resources attached:   [FAIL], There are user roles with inconsistent filters), but there is no way to see which roles are affected and what steps it will execute to fix this issue.

As a user/admin, I am interested in this information to better understand the issue and maybe also avoiding it in the future (if I create my filters via automation, maybe my automation is bad?).

Version-Release number of selected component (if applicable):
rubygem-foreman_maintain-0.3.3-1.el7sat.noarch

How reproducible:
100%

Steps to Reproduce:
1. foreman-maintain upgrade check --target-version 6.5

Actual results:
"There are user roles with inconsistent filters"

Expected results:
More info which roles/filters are affected

Additional info:
Comment 3 Andrew Schofield 2019-07-12 15:33:38 UTC 
Further, there are no deprecation notes to state that there is a change in how roles / filters behave.
Comment 4 Suraj Patil 2020-05-06 12:24:36 UTC 
Created redmine issue https://projects.theforeman.org/issues/29713 from this bug
Comment 5 Bryan Kearney 2020-05-06 13:49:23 UTC 
Upstream bug assigned to supatil
Comment 6 Bryan Kearney 2020-06-01 20:05:21 UTC 
Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/29713 has been resolved.
Comment 8 Gaurav Talreja 2021-06-07 06:22:32 UTC 
Verified.

Tested on Satellite 6.10.0 Snap 3.0
Version: rubygem-foreman_maintain-0.8.1-1.el7sat.noarch

Setup:
1. # hammer role create --name test_role
2. # hammer filter available-permissions
3. # hammer filter create --role test_role --permission-ids 62,68  (Here id's 62 and 68 are for view_hosts and console_hosts respectively)
4. # hammer filter list --search role=test_role (Check for the role, resource type, and permissions assigned)
5. Change resource type of any permission to test this check -
   # sudo su - postgres -c "psql -d foreman -c 'UPDATE permissions SET resource_type = '\''xyz'\'' WHERE name = '\''console_hosts'\'';'"

Steps:
1. # foreman-maintain health check --label corrupted-roles

Observation:
The check was able to detect and fix the corrupted roles along it also displayed their names as well.
Also, After the resource type is changed so it tries to split the filter while splitting out of 2 only 1 permission was changed so it created a new filter for it, and check that with the command `# hammer filter list --search role=test_role`
Comment 12 errata-xmlrpc 2021-11-16 13:48:05 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Satellite 6.10 Satellite Maintenance Release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:4697