| Summary: | For non-admin user submenu for Administer is rendered when clicked on My Accounts. | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [Retired] CloudForms Cloud Engine | Reporter: | Aziza Karol <akarol> | ||||||
| Component: | aeolus-conductor | Assignee: | Tzu-Mainn Chen <tzumainn> | ||||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Shveta <ssachdev> | ||||||
| Severity: | unspecified | Docs Contact: | |||||||
| Priority: | unspecified | ||||||||
| Version: | 1.0.0 | CC: | akarol, deltacloud-maint, jprovazn, slinaber, ssachdev | ||||||
| Target Milestone: | rc | ||||||||
| Target Release: | --- | ||||||||
| Hardware: | Unspecified | ||||||||
| OS: | Unspecified | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | |||||||||
| : | 784108 (view as bug list) | Environment: | |||||||
| Last Closed: | 2012-08-30 17:14:05 UTC | Type: | --- | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Attachments: |
|
||||||||
|
Description
Aziza Karol
2012-01-12 10:20:53 UTC
Administration tab link points to users index page and most of non-admin users won't have perms to list other users. But some non-admin users can have other "admin" permissiosn (for example for building images), IOW they have a reason why they should be able to access subtabs in admin section. Because subtabs are rendered as part of any page in admin tab, it's not rendered when the permission error is raised -> a non-admin user can't click through UI to any admin page if he is trapped by the user perms error. Solution could be rendering of admin subtabs as part of layout. A couple of actions required. - Can we restyle the "You have insufficient privileges to perform action." message, perhaps with the flash error tool, so that it is less ugly - Change the wording to "You have insufficient privileges to perform the selected action." - Change the behaviour when a non-admin user clicks on the top-level Administer tab so that it is the same as when a user clicks on "My Account" Created attachment 552458 [details]
flash error sample
sample of flash error
For the first part of the issue (restyling to use the flash error tool); errors are handled with a generic handle_error method that generates an error page. There are some options: a) have this specific permission error create a flash error b) have all permission errors create a flash error c) have all errors create a flash error Is there a preference? Additionally, I've attached a screenshot of what the page looks like if we use the flash error and remove the message. The flash error goes above the main body, and the main body is completely blank. Does that look. . . odd? It might just be me. Mainn Pushed commits: commit 117778436377e4ac6afb6aa98d09f77538d24bd1 BZ 773580 added redirect to account_url if user is not permissioned for admin commit 42fdc529d310ac5ab10e8ba90832f26a891d22c9 BZ 773580 changed html error message to display flash error commit 5030645dc6dc4a92d12e9d616838b98ecbdc535b BZ 773580 replaced permission error message with locale message commit cea92456b5185685bdaa85e0710d6c278f036a73 BZ 773580 added permission_denied messages aeolus-conductor-0.8.0-7.el6.src.rpm Verified -Wording is changed to "You have insufficient privileges to perform the selected action." - Behaviour when a non-admin user clicks on the top-level Administer and "My Account" is same now ============================================================= rpm -qa|grep aeolus aeolus-conductor-daemons-0.8.0-7.el6.noarch rubygem-aeolus-image-0.3.0-2.el6.noarch aeolus-configure-2.5.0-4.el6.noarch rubygem-aeolus-cli-0.3.0-3.el6.noarch aeolus-conductor-0.8.0-7.el6.noarch aeolus-all-0.8.0-7.el6.noarch aeolus-conductor-doc-0.8.0-7.el6.noarch Created attachment 555746 [details]
wording
|