Bug 831106

Summary: Own user role security manager permissions change leads to "RuntimeException" and "Failure" alert on GUI.
Product: [Other] RHQ Project Reporter: Armine Hovsepyan <ahovsepy>
Component: No ComponentAssignee: Nobody <nobody>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: hrupp, jshaughn
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Alert
none
exception none

Description Armine Hovsepyan 2012-06-12 08:13:03 UTC
Created attachment 591129 [details]
Alert

Description of problem:
User with Security manager enabled is disabling it from administration page, after which Administration page is not being visible for that user anymore: Runtime Exception is being thrown with "Warning: Server returned FAILURE with no error message" alert on GUI.

Version-Release number of selected component (if applicable):
JON - Version: 3.1.0.ER6

How reproducible:
always

Steps to Reproduce:
1.Log in with rhqadmin super user
2.Create role "testRole" with Security Manager switched on (like super admin)
3.Create "testUser" user with this role
4.Log in with "testUser"
5. Click on Administraiton -> Roles -> testRole
6. Uncheck Security manager (also manage Inventory, manage Settings, manage bundles, manage Repositories) checkboxes and save role 
7. Click on testRole link
  
Actual results:
Warning alert is being shown
Runtime Exception is being thrown in messages Center

Expected results:
testRole should be not clickable anymore (as it is after the page refresh)

Additional info:
please get attached screenshots

Comment 1 Armine Hovsepyan 2012-06-12 08:13:29 UTC
Created attachment 591130 [details]
exception

Comment 2 Jay Shaughnessy 2012-06-15 20:56:57 UTC
Recommend low priority or won't fix.  A user removing his own manage_security perm seems like a real corner case.