Bug 745456

Summary: Clicking on Summary->Timeline tab of a resource by a user without config read permission displays a pop up displaying a message 'Failed to load json data'
Product: [Other] RHQ Project Reporter: Sunil Kondkar <skondkar>
Component: Core UIAssignee: John Mazzitelli <mazz>
Status: CLOSED CURRENTRELEASE QA Contact: Mike Foley <mfoley>
Severity: medium Docs Contact:
Priority: high    
Version: 4.1CC: hrupp, mazz
Target Milestone: ---   
Target Release: JON 3.0.0, RHQ 4.3.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 745494    
Attachments:
Description Flags
Screenshot
none
ServerLog none

Description Sunil Kondkar 2011-10-12 12:40:55 UTC 
Description of problem:

Clicking on Summary->Timeline tab of a resource by a user without config read permission displays a pop up displaying below message :

"Failed to load json data from /resource/common/monitor/events/EventConfigJSON.jsp?id=10001&begin=1318390713800&end=1318419513800
Internal Server Error".

when user tries to navigate away and clicks on any tab or sub tab of the platform resource, the pop up still displays.

The server log displays PermissionException.

Please refer the attached screenshot and the server log.

Version-Release number of selected component (if applicable):

Build#510 (Version: 4.1.0-SNAPSHOT Build Number: 0a0e373)

Tested on Firefox versions '3.6.3' and '3.0.15'.

How reproducible:

Always

Steps to Reproduce:

1. Login to rhq as rhqadmin.
2. Create a user
3. Create a compatible group of resorce (Ex: RHQ Agent)
4. Create a role without 'Configure' resource permissions. (Or default permissions)
5. Assign user and compatible group to the role created.
6. Login as the user
7. Navigate to 'Inventory menu'->Servers->resource name (RHQ Agent)
8. Click on the 'Summary->Timeline' tab

  
Actual results:

It displays a pop up displaying a message 'Failed to load json data' and the server log displays PermissionException.

Expected results:

No exception and pop up message should be displayed.

Additional info:
This bug is not reproducible when user has configure read permissions.
Comment 1 Sunil Kondkar 2011-10-12 12:41:31 UTC 
Created attachment 527690 [details]
Screenshot
Comment 2 Sunil Kondkar 2011-10-12 12:41:58 UTC 
Created attachment 527691 [details]
ServerLog
Comment 3 John Mazzitelli 2011-10-26 16:28:21 UTC 
in our EventJSON jsps that serve the JSON data, we need to wrap in try-catch block so as not to blow up the Timeline component.

I have this fixed on my local branch, will push once master is unfrozen
Comment 4 John Mazzitelli 2011-11-01 13:47:26 UTC 
git commit:
release_jon3.x: 3d74362f9ea99bb0dd8a66ec85c012bbae6002df
master: fb1c12b52f9fc5e5ec98af36fbb669658f8f4380
Comment 5 Sunil Kondkar 2011-11-02 09:41:09 UTC 
Verified on build#672 (Version: 4.3.0-SNAPSHOT Build Number: ca0281f)

Followed the steps and verified that it does not display any exception and pop up message navigating to Summary->Timeline tab of a resource by a user without config read permission.
Comment 6 Mike Foley 2012-02-07 19:26:10 UTC 
marking VERIFIED JON 3 bugs to CLOSED/CURRENTRELEASE
Comment 7 Mike Foley 2012-02-07 19:31:45 UTC 
changing status of VERIFIED BZs for JON 2.4.2 and JON 3.0 to CLOSED/CURRENTRELEASE