Bug 697091

Summary: Query generator grammar error for non-perm user (via resource config update history portlet)
Product: [Other] RHQ Project Reporter: Jay Shaughnessy <jshaughn>
Component: Core ServerAssignee: Jay Shaughnessy <jshaughn>
Status: CLOSED CURRENTRELEASE QA Contact: Mike Foley <mfoley>
Severity: high Docs Contact:
Priority: medium    
Version: 4.0.0.Beta2CC: hrupp, skondkar
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: rhq4 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-09-02 03:17:39 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 585306    

Description Jay Shaughnessy 2011-04-15 15:28:18 EDT
1) Log in as user with no config perms for an accessible resource that does have resource config history.

2) Nav to summary->activity (resource dash) for the resource

3) The resource config update history portlet will generate an excpetion

The exception is server-side, a bad query is generated in the criteria fetch.
Comment 1 Jay Shaughnessy 2011-04-15 15:42:19 EDT
commit 18a3a539ccb069162b0d6d69c9cbf0f055f59205
Author: Jay Shaughnessy <jshaughn@redhat.com>
Date:   Fri Apr 15 15:38:28 2011 -0400

This seemed to be a flat out grammar issue in certain generated queries for non-permissioned users.

Test Notes- test the scenario above as well as many other non-permissioned queries for resources and groups as possible.
Comment 2 Sunil Kondkar 2011-06-09 05:15:57 EDT
Verified on build123 (Version: 4.1.0-SNAPSHOT Build Number: a6d2d56)

Created a user and a resource group. Created a role with no config permissions and assigned the group and the user to the role.
Logged in as the user with no config permissions and navigated to the summary->activity page for the resource. No exception is observed.

Also verified this by navigating to the summary->activity page for the resource group. No exception is observed.

Marking as verified.
Comment 3 Heiko W. Rupp 2013-09-02 03:17:39 EDT
Bulk closing of issues that were VERIFIED, had no target release and where the status changed more than a year ago.