Bug 740967

Summary: User with only "Promote Changesets in Environment" role gets 403 when accessing default Content Management tab
Product: [Retired] Katello Reporter: Corey Welton <cwelton>
Component: WebUIAssignee: Jason E. Rist <jrist>
Status: CLOSED DUPLICATE QA Contact: Katello QA List <katello-qa-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 1.0CC: mmccune
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-09-28 19:37:22 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Corey Welton 2011-09-23 23:54:38 UTC 
Description of problem:

For a role (or a user who only has this role) that offers only "Promote Changesets in Environment" verb, when logging in and going to the available, default "Content Management" page, a 403 is returned.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Create a user called 'changesets'
2. Create a role called 'changesets role', containing user you just create and create a role which has ONLY the verb "Promote Changesets in Environment"
3. Login with user changesets.
4. Noting the two top-level tabs available (Dashboard, Content Management), click the "Content Management" tab.
  
Actual results:
User is given a permission denied - which makes sense, because user does not have access to all content management - but it is awkward.

Expected results:
Not exactly sure, some UXD consideration is required. Should user be dropped to first available subtab for which s/he has rights?

Additional info:
Comment 1 Corey Welton 2011-09-23 23:56:07 UTC 
BTW, I'm gonna go out in a limb and say this will be a problem across several of the top-level tabs where permissions are split out against subtabs.
Comment 2 Corey Welton 2011-09-24 02:16:14 UTC 
It should be noted that, in a similar situation, user with only rights of Organization:Sync Products /is/ taken to the proper submenu within Content Management, when clicking the top-level tab.
Comment 3 Mike McCune 2011-09-28 19:37:22 UTC 

*** This bug has been marked as a duplicate of bug 737207 ***