Bug 804116

Summary: Settings tab appears blank for a non-admin user
Product: [Retired] CloudForms Cloud Engine Reporter: Ronelle Landy <rlandy>
Component: aeolus-conductorAssignee: Angus Thomas <athomas>
Status: CLOSED EOL QA Contact: Rehana <aeolus-qa-list>
Severity: low Docs Contact:
Priority: unspecified    
Version: 1.0.0CC: akarol, cpelland, dajohnso, deltacloud-maint, hbrock, ssachdev, sseago
Target Milestone: rcKeywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-03-27 17:59:11 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Attachments:
Description Flags
Settings tab with bank body none

Description Ronelle Landy 2012-03-16 15:03:31 UTC
Description of problem:

For a non-admin user, who does not have permissions to change settings, the Settings tab appears blank... the 'Settings' heading and nothing else. (see attached screenshot)

Since Conductor knows what permissions/roles each user has, if a user cannot change any settings, it would be useful to see a message similar to the "Global Role Grants" telling the user that this action requires permissions they do not have currently.


Steps to Reproduce:
1. Log in as a non-admin user with minimal permissions
2. Click on Administer -> Settings
3. See tab with 'Settings' heading and blank body
  
rpms tested:

rpm -qa |grep aeolusrubygem-aeolus-cli-0.3.0-14.el6.noarch
aeolus-conductor-0.8.0-43.el6.noarch
rubygem-aeolus-image-0.3.0-12.el6.noarch
aeolus-conductor-daemons-0.8.0-43.el6.noarch
aeolus-all-0.8.0-43.el6.noarch
aeolus-conductor-doc-0.8.0-43.el6.noarch
aeolus-configure-2.5.0-18.el6.noarch

Comment 1 Ronelle Landy 2012-03-16 15:04:50 UTC
Created attachment 570632 [details]
Settings tab with bank body

Comment 2 Scott Seago 2012-03-16 17:37:53 UTC
Yes, the  code that renders the 'settings' tab should only display for users that have permissions to access the page (effectively the 'Administrator' role, but we don't test that way. "if check_privilege(Privilege::MODIFY)" should be added to the view code that renders the tab -- i.e. MODIFY permissions on the site-wide permissions placeholder, which is only granted to the site-wide Administrator role.