Bug 2158508

Summary: Permission denied on Ansible part of host page when usergroup of user have administrator role
Product: Red Hat Satellite Reporter: Jan Jansky <jjansky>
Component: Ansible - Configuration ManagementAssignee: nalfassi
Status: CLOSED ERRATA QA Contact: addubey
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.12.0CC: addubey, nalfassi, pcreech, peter.vreman
Target Milestone: 6.13.0Keywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: rubygem-foreman_ansible-10.4.0 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-05-03 13:24:04 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jan Jansky 2023-01-05 15:37:20 UTC 
Description of problem:
With user which is non-admin but it is in usergroup which should give him administrator role is possible to access lot of pages, but on

WebUI -> Hosts -> select host -> Ansible

is shown below

Permission denied
You are not authorized to view the page. Request the following permissions from administrator: view_ansible_roles.


Version-Release number of selected component (if applicable):
satellite-6.12.0-4.el8sat.noarch


How reproducible:
Always

Steps to Reproduce:
1. Create user with non-admin (in my case ldap based)
2. Create usergroup with administrator role (in my case ldap based)
3. As user from (1) log in and try to access
WebUI -> Hosts -> select host -> Ansible

Actual results:
Permission denied
You are not authorized to view the page. Request the following permissions from administrator: view_ansible_roles.

Expected results:
See Ansible page as user should be administrator due to usergroup

Additional info:
Reproducer ready
Comment 3 nalfassi 2023-01-25 13:18:06 UTC 
Created redmine issue https://projects.theforeman.org/issues/35994 from this bug
Comment 4 Bryan Kearney 2023-02-05 16:03:03 UTC 
Moving this bug to POST for triage into Satellite since the upstream issue https://projects.theforeman.org/issues/35994 has been resolved.
Comment 10 errata-xmlrpc 2023-05-03 13:24:04 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Satellite 6.13 Release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:2097