Description of problem: If you create a user that only has Read-only permissions on resources. When navigating to Alert, Monitoring, Configuration tabs for resources a Red banner pops up with "Cannot store preferences" message. The underlying stack trace from the message center is: Message : Cannot store preferences Severity : Error Time : Monday, February 17, 2014 8:15:36 AM UTC-6 Root Cause : [1392646536178] org.rhq.enterprise.server.authz.PermissionException:You [ROUser] do not have permission to update user [rhqadmin]. Detail : java.lang.RuntimeException:[1392646536178] org.rhq.enterprise.server.authz.PermissionException:You [ROUser] do not have permission to update user [rhqadmin]. --- STACK TRACE FOLLOWS --- [1392646536178] org.rhq.enterprise.server.authz.PermissionException:You [ROUser] do not have permission to update user [rhqadmin]. at Unknown.RuntimeException_0(Unknown Source) at Unknown.instantiate_32(Unknown Source) at Unknown.$instantiate_0(Unknown Source) at Unknown.$instantiate(Unknown Source) at Unknown.$readObject(Unknown Source) at Unknown.$onResponseReceived(Unknown Source) at Unknown.onResponseReceived_6(Unknown Source) at Unknown.$fireOnResponseReceived(Unknown Source) at Unknown.onReadyStateChange_0(Unknown Source) at Unknown.this$static.onreadystatechange<(Unknown Source) at Unknown.apply(Unknown Source) at Unknown.entry0(Unknown Source) at Unknown.anonymous(Unknown Source) at Unknown.anonymous(Unknown Source) Version-Release number of selected component (if applicable): 3.2 How reproducible: All the time Steps to Reproduce: 1. Create a role with only Read permissions on a Resource Group 2. Create a user and assign it the above Read only role 3. Login as the new user, navigate to a resource and click on one of it's tabs, Monitoring, Alerts, etc. (it occurs on all of them) 4. Sometimes for a split-second you'll see the appropriate green banner- stating the user doesn have edit permissions. Then it switches to the red banner with the "Cannot store preferences" Actual results: A Red banner with "Cannot store preferences" Expected results: A Green banner with "user doesn't have edit permissions" Additional info:
I am not able to reproduce it following the repro steps. No exception for all the tabs (Alerts, Monitoring, Configuration). However, I was able to see the same exception when trying to change the monitoring interval to some custom value, so I am addressing this use case.
branch: master link: http://git.fedorahosted.org/cgit/rhq/rhq.git/commit/?id=5778be1eb time: 2014-02-24 16:52:34 +0100 commit: 5778be1eb9539e7c75f11fb0e3c7efe4ac4c719e author: Jirka Kremser - jkremser message: [BZ 1066060] - "Cannot store preferences" message with a Read Only user - The custom date range UI component that uses user's preferences were lazily instantiated -> when user logged out and logged in the same cached instance was returned and it caused the exception. I've added the method that invalidates the cached singleton instance in user session manager login callback so we can still save some resources by doing it lazily, but at the same time if a new user logs in it gets its own preferences. ..waiting for c-pick
cherry picked to release branch: 205dba0f6
Moving to ON_QA as available for test in latest build: http://jon01.mw.lab.eng.bos.redhat.com:8042/dist/release/jon/3.2.2.GA/6-28-2014/
verified
Created attachment 913399 [details] read_only_res
This has been verified and released in Red Hat JBoss Operations Network 3.2 Update 02 (3.2.2) available from the Red Hat Customer Portal[1]. [1]: https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=31783