Bug 698475

Summary: Changes to Role permissions are not saving
Product: [Other] RHQ Project Reporter: Mike Foley <mfoley>
Component: Core UIAssignee: Ian Springer <ian.springer>
Status: CLOSED CURRENTRELEASE QA Contact: Corey Welton <cwelton>
Severity: medium Docs Contact:
Priority: high    
Version: 4.0.0.Beta2CC: ccrouch, hrupp, ian.springer, skondkar
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-05-24 01:11:37 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 585306    
Attachments:
Description Flags
role permissions none

Description Mike Foley 2011-04-20 23:39:56 UTC
Created attachment 493664 [details]
role permissions

Description of problem:
Changes to Role permissions are not saving

Version-Release number of selected component (if applicable):


How reproducible:
100%

Steps to Reproduce:
1.  create a new role
2.  in Permissions, unset some write permissions
3.  click Save
4.  view the role again, changes to permissions were not saved
  
Actual results:

changes to role permissions were not saved


Expected results:

changes to role permissions are saved

Additional info:

see attached image

Comment 1 Mike Foley 2011-04-21 14:18:21 UTC
learned from ian: this may be a usability issue.  there are a lot of dependencies between the individual permissions that are not expressed in the UI that may be contributing to my perception that permissions were not being saved.

Comment 2 Ian Springer 2011-04-21 14:57:48 UTC
It appeared permission changes were not being saved, because the permissions that had been unset were re-selected due to being implied by MANAGE_INV or MANAGE_SEC.

[master 7b98837] should make this clearer to the user by displaying a transient message to inform the user when auto-selecting perms implied by a perm the user has just selected.

Comment 3 Ian Springer 2011-04-21 16:04:46 UTC
There was one more change needed to resolve this:

[master f9361b2] don't allow deselection of perms whose selection is implied by existing selection of MANAGE_SECURITY or MANAGE_INVENTORY, and display a transient warning message

Comment 4 Ian Springer 2011-04-21 17:39:05 UTC
One last change:

[master 294c067] in perm editor, don't allow deselection of CONFIGURE_READ if CONFIGURE_WRITE is selected

Comment 5 Sunil Kondkar 2011-05-04 12:20:39 UTC
Verified on rhq4 release build (Version: 4.0.0 Build Number: db0c817)

Below messages are displayed when user selects 'Manage inventory' or Manage Security' permissions:
1. Autoselected unselected permissions, since MANAGE_SECURITY implies all other permissions.
2. Autoselected unselected Resource permissions, since MANAGE_INVENTORY implies all Resource permissions.

User is not allowed to deselect permissions whose selection is implied by
existing selection of MANAGE_SECURITY or MANAGE_INVENTORY

Below example messages are displayed:
1.Inventory permissions cannot be deselected, unless Manage Inventory, which implies all Resource permissions is deselected first
2.Configure permission cannot be deselected unless the Manage Security permissions, which implies all Resource permission, which implies all other permissions is deselected first.

It displays a mesage and user is not allowed to deselect CONFIGURE_READ if CONFIGURE_WRITE is selected.

Comment 6 Corey Welton 2011-05-24 01:11:37 UTC
Bookkeeping - closing bug - fixed in recent release.

Comment 7 Corey Welton 2011-05-24 01:11:37 UTC
Bookkeeping - closing bug - fixed in recent release.