Description of problem: When trying to create a reports using chargebacks as context an user using a new role copied from EVM-Super_administrator, this user does not have all the options on the filters tab such as to use tags. Log off and log back in using admin user account and report can be created properly. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. copy internal super admin role 2. connect ldap user from AD group to this role 3. try to create a chargeback report as this user 4. Try to apply a proper filter using tags - drop down will be missing. Actual results: Expected results: Additional info:
Xav, we have always treated super admin special, so much so that we always allow super admin to sign in even if an external authentication system is active. We have no real way of identifying that a role is "super", except the one we ship with the product that we identify by name. Should this be an RFE to figure out a way to identify user created roles as super so we can allow them all of the super admin capabilities?
https://github.com/ManageIQ/manageiq/pull/17444
https://github.com/ManageIQ/manageiq-ui-classic/pull/3968
https://github.com/ManageIQ/manageiq-ui-classic/pull/3993
https://github.com/ManageIQ/manageiq-api/pull/385
New commit detected on ManageIQ/manageiq/master: https://github.com/ManageIQ/manageiq/commit/db76d9632ceeab8f58f8375dc8d95f864680e970 commit db76d9632ceeab8f58f8375dc8d95f864680e970 Author: Keenan Brock <keenan> AuthorDate: Tue May 15 16:53:19 2018 -0400 Commit: Keenan Brock <keenan> CommitDate: Tue May 15 16:53:19 2018 -0400 use features to check if a role is an admin role the role name used to determine if it were https://bugzilla.redhat.com/show_bug.cgi?id=1090627 app/models/miq_group.rb | 6 +- app/models/miq_product_feature.rb | 4 +- app/models/miq_user_role.rb | 12 +- app/models/user.rb | 9 +- db/fixtures/miq_product_features.yml | 5 + db/fixtures/miq_user_roles.yml | 1 + lib/rbac/filterer.rb | 5 +- spec/factories/miq_user_role.rb | 13 +- spec/lib/task_helpers/exports/roles_spec.rb | 2 +- 9 files changed, 40 insertions(+), 17 deletions(-)
New commit detected on ManageIQ/manageiq-api/master: https://github.com/ManageIQ/manageiq-api/commit/bf3b8020a4d71a1962df35182327b64761e4da7f commit bf3b8020a4d71a1962df35182327b64761e4da7f Author: Keenan Brock <keenan> AuthorDate: Thu May 24 19:24:19 2018 -0400 Commit: Keenan Brock <keenan> CommitDate: Thu May 24 19:24:19 2018 -0400 use request_admin_user? the generic admin is phased out. Instead we are using the actual property. `request_admin_user?` is a shortcut for request superadmin privs https://bugzilla.redhat.com/show_bug.cgi?id=1090627 app/controllers/api/automation_requests_controller.rb | 4 +- app/controllers/api/provision_requests_controller.rb | 4 +- app/controllers/api/requests_controller.rb | 4 +- app/controllers/api/service_requests_controller.rb | 4 +- spec/requests/automation_requests_spec.rb | 4 +- spec/requests/provision_requests_spec.rb | 6 +- spec/requests/requests_spec.rb | 4 +- spec/requests/service_requests_spec.rb | 4 +- 8 files changed, 17 insertions(+), 17 deletions(-)
New commit detected on ManageIQ/manageiq-ui-classic/master: https://github.com/ManageIQ/manageiq-ui-classic/commit/326f3f68d36e88b39a88f67580e93ef145921f73 commit 326f3f68d36e88b39a88f67580e93ef145921f73 Author: Keenan Brock <keenan> AuthorDate: Mon May 21 10:59:58 2018 -0400 Commit: Keenan Brock <keenan> CommitDate: Mon May 21 10:59:58 2018 -0400 Use {report,request}_admin_user? https://bugzilla.redhat.com/show_bug.cgi?id=1090627 app/controllers/application_controller.rb | 4 +- app/controllers/application_controller/current_user.rb | 6 +- app/controllers/chargeback_controller.rb | 2 +- app/controllers/configuration_controller.rb | 14 +- app/controllers/report_controller.rb | 2 +- app/controllers/report_controller/menus.rb | 6 +- app/controllers/report_controller/saved_reports.rb | 2 +- app/helpers/application_helper/button/miq_request_delete.rb | 2 +- app/presenters/tree_builder_report_saved_reports.rb | 4 +- app/views/layouts/_adv_search_body.html.haml | 2 +- app/views/layouts/_adv_search_footer.html.haml | 2 +- spec/controllers/report_controller/widget_spec.rb | 2 +- spec/helpers/application_helper/buttons/miq_request_delete_spec.rb | 2 +- 13 files changed, 25 insertions(+), 25 deletions(-)
Thanks all
verified in 5.10.0.4
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2019:0212