Bug 1881872
| Summary: | The regular user should not see volume snapshot content from UI | ||||||
|---|---|---|---|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Qin Ping <piqin> | ||||
| Component: | Console Storage Plugin | Assignee: | Bipul Adhikari <badhikar> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Neha Berry <nberry> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 4.6 | CC: | anbehl, aos-bugs, jakumar, jokerman, nberry, nmukherj, nthomas | ||||
| Target Milestone: | --- | ||||||
| Target Release: | 4.6.0 | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2020-10-27 16:44:06 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
|
Description
Qin Ping
2020-09-23 09:25:02 UTC
Moving to the DevConsole team since they have been working on adding the Volume Snapshots Content navbar item in https://github.com/openshift/console/pull/5980 This is not owned by DevConsole and should be moved to Storage team and not sure what's the right component for it. Moved to Console Storage team Moving back to ON_QA as I misunderstood the fix. Confirmed with Qin Ping and Bipul, I should not even see the VSContent in UI for the User. Will test it again with latest builds Created attachment 1716602 [details] Verification screenshot Verified the fix in 2 clusters ( Qin Ping - 4.6.0-0.nightly-2020-09-25-085318) and 4.6.0-0.nightly-2020-09-25-070943 OCS = ocs-operator.v4.6.0-569.ci _________________________________ Attached screencast of the UI flow. The Persistent Volume and Volume Snapshot Content are no longer listed under Storage if we have logged IN with a normal User which doesn't have the admin access. _____________________________ UI ======= 1. Installed an OCP4.6 cluster. 2. Created a user1 using the steps mentioned in [1] [1] https://docs.openshift.com/container-platform/4.5/authentication/identity_providers/configuring-htpasswd-identity-provider.html#configuring-htpasswd-identity-provider 3. Logged into the web console with regular user user1 and not kubeadmin 4. Created a new Project/PVC and snapshot 5. Checked Storage/Volume Snapshots Content page. These were not listed under Storage tab CLI ============ $ oc whoami user1 $ oc get volumesnapshotcontent Error from server (Forbidden): volumesnapshotcontents.snapshot.storage.k8s.io is forbidden: User "user1" cannot list resource "volumesnapshotcontents" in API group "snapshot.storage.k8s.io" at the cluster scope Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:4196 |