Bug 698767
| Summary: | User cannot sync his own public repo | ||
|---|---|---|---|
| Product: | [Other] RHQ Project | Reporter: | Corey Welton <cwelton> |
| Component: | Content | Assignee: | RHQ Project Maintainer <rhq-maint> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Corey Welton <cwelton> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | medium | ||
| Version: | 4.0.0 | CC: | hrupp, lkrejci, mfoley |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 585306, 697844 | ||
Note that the other part of this does work correctly - if "bobuser" goes to repo view, he can see joeuser's public repo but has no sync button. Lukas, any impact on the scripts from alerts work? This is a UI omission. joeuser shouldn't have the sync button available to him unless he has the repo manager permission. The repos for "ordinary" users are intended for uploading stuff. Only repository managers can configure repos that get their contents pulled from content sources. So in other words, there is no impact on the alerts work - this is just a UI bug. commit 3a7c9f5b22134a353e4d7fd6f5cb7a89d26d3b25
Author: Lukas Krejci <lkrejci>
Date: Mon Apr 25 18:03:33 2011 +0200
BZ 698767 - only show the sync button in the repo list page if the user is a repo manager.
Documenting the verification as follows: 1) successful sync'ing of repo by rhqadmin Thu Apr 28 15:19:08 EDT 2011: Start synchronization of Repository [test] Thu Apr 28 15:19:08 EDT 2011: Getting currently known list of content source packages... Thu Apr 28 15:19:08 EDT 2011: Repository [test] completed syncing with no errors. 2) no sync button for user who is not a repo manager. Bookkeeping - closing bug - fixed in recent release. Bookkeeping - closing bug - fixed in recent release. Bookkeeping - closing bug - fixed in recent release. |
Description of problem: When a public repo is created for a user, it shows up in his repo view and he has a sync button. However, he gets a permission error when trying to sync Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. Create user 'joeuser' 2. As rhqadmin, create a repo, "joeuser's public repo"; assure it is public and owned by joeuser 3. Login as joeuser 4. Go to repos view and note the existence of "joeuser's public repo". 5. Select the repo and attempt to sync it. Actual results: Failed to delete repositories. Cause: org.rhq.enterprise.server.authz.PermissionException:Subject [joeuser] is not authorized for [MANAGE_REPOSITORIES]: invocation: method=public int org.rhq.enterprise.server.content.RepoManagerBean.synchronizeRepos(org.rhq.core.domain.auth.Subject,int[]) throws java.lang.Exception,context-data={} Expected results: Either user should be able to sync, or user should not see the sync button... Additional info: