Bug 2168861

Summary: "Attach existing sysprep" should not try to get resource at cluster scope when logged in with regular user
Product: Container Native Virtualization (CNV) Reporter: Guohua Ouyang <gouyang>
Component: User ExperienceAssignee: Ugo Palatucci <upalatuc>
Status: CLOSED ERRATA QA Contact: Guohua Ouyang <gouyang>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.12.0CC: gouyang, upalatuc
Target Milestone: ---   
Target Release: 4.13.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 2173574 (view as bug list) Environment:
Last Closed: 2023-05-18 02:57:49 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2173574    
Attachments:
Description Flags
sysprep none

Description Guohua Ouyang 2023-02-10 10:05:12 UTC 
Created attachment 1943296 [details]
sysprep

Description of problem:
"Attach existing sysprep" should not try to get resource at cluster scope when logged in with regular user, it should try to get resource from current project or projects he owned.

Version-Release number of selected component (if applicable):
v4.12.0

How reproducible:


Steps to Reproduce:
1. login with regular user, like "test"
2. create vm from catalog and move to vm scripts tab
3. try to attach existing sysprep

Actual results:
An error is showing ```configmaps is forbidden: User "test" cannot list resource "configmaps" in API group "" at the cluster scope```

Expected results:
It loads configmaps from current project or the projects he can list resources.

Additional info:
Similar bug: https://bugzilla.redhat.com/show_bug.cgi?id=2168859
Comment 2 errata-xmlrpc 2023-05-18 02:57:49 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Virtualization 4.13.0 Images security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:3205