Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
Bug 1112563 - roles: content-search doesn't show packages to normal user, who has permission to view_product
roles: content-search doesn't show packages to normal user, who has permissio...
Status: CLOSED ERRATA
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Users & Roles (Show other bugs)
6.0.3
Unspecified Unspecified
unspecified Severity medium (vote)
: Unspecified
: Unused
Assigned To: Eric Helms
Sachin Ghai
http://projects.theforeman.org/issues...
: Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2014-06-24 04:27 EDT by Sachin Ghai
Modified: 2017-02-23 16:14 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-08-12 01:09:51 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
rotating spinner along with type error in firebug (66.60 KB, image/png)
2014-06-24 04:27 EDT, Sachin Ghai
no flags Details
assigned perms along from selected resources to a normal user (37.13 KB, image/png)
2014-06-24 04:29 EDT, Sachin Ghai
no flags Details
I can see packages under content-search page via normal user who has view-product permission (95.28 KB, image/png)
2015-04-02 03:46 EDT, Sachin Ghai
no flags Details


External Trackers
Tracker ID Priority Status Summary Last Updated
Foreman Issue Tracker 9554 None None None 2016-04-22 11:47 EDT
Red Hat Product Errata RHSA-2015:1592 normal SHIPPED_LIVE Important: Red Hat Satellite 6.1.1 on RHEL 6 2015-08-12 05:04:35 EDT

  None (edit)
Description Sachin Ghai 2014-06-24 04:27:36 EDT
Created attachment 911662 [details]
rotating spinner along with type error in firebug

Description of problem:
I was trying to view contents via content search. I can see content-views, products, repositories etc. But when I tried to view packages, spinner starts rotating on webUI and keep on rotating.

Also, Firebug raises error: 

TypeError: item is null
	
..."active-result")?$(evt.target):$(evt.target).parents(".active-result").first();i...

Version-Release number of selected component (if applicable):
sat6 beta snap10 compose2

How reproducible:
always

Steps to Reproduce:
1. create a role via admin user and add permissions as per the attached screenshot
2. go to content-search and search or packages ( Make sure firebug is ON)
3.

Actual results:
TypeError: item is null
	
..."active-result")?$(evt.target):$(evt.target).parents(".active-result").first();i...


Expected results:
packages should be listed.

Additional info: I didn't see any other resource type who have permission to view packages.


following request made while searching for packages:

Processing by Katello::ContentSearchController#packages as */*
  Parameters: {"repos"=>{"search"=>""}, "packages"=>{"search"=>""}, "content_type"=>"packages", "mode"=>"all", "environments"=>[1], "content_search"=>{"repos"=>{"search"=>""}, "packages"=>{"search"=>""}, "content_type"=>"packages", "mode"=>"all", "environments"=>[1]}}
  Rendered /opt/rh/ruby193/root/usr/share/gems/gems/katello-1.5.0/app/views/katello/content_search/_container_hover.html.haml (245.5ms)
  Rendered /opt/rh/ruby193/root/usr/share/gems/gems/katello-1.5.0/app/views/katello/content_search/_container_hover.html.haml (46.6ms)
  Rendered /opt/rh/ruby193/root/usr/share/gems/gems/katello-1.5.0/app/views/katello/content_search/_repo_hover.html.haml (18.9ms)
  Rendered /opt/rh/ruby193/root/usr/share/gems/gems/katello-1.5.0/app/views/katello/content_search/_repo_hover.html.haml (19.5ms)
  Rendered /opt/rh/ruby193/root/usr/share/gems/gems/katello-1.5.0/app/views/katello/content_search/_container_hover.html.haml (25.4ms)
  Rendered /opt/rh/ruby193/root/usr/share/gems/gems/katello-1.5.0/app/views/katello/content_search/_container_hover.html.haml (23.2ms)
  Rendered /opt/rh/ruby193/root/usr/share/gems/gems/katello-1.5.0/app/views/katello/content_search/_repo_hover.html.haml (17.1ms)
  Rendered /opt/rh/ruby193/root/usr/share/gems/gems/katello-1.5.0/app/views/katello/content_search/_repo_hover.html.haml (205.3ms)
Completed 200 OK in 1363ms (Views: 624.6ms | ActiveRecord: 34.9ms)
Comment 1 Sachin Ghai 2014-06-24 04:29:49 EDT
Created attachment 911663 [details]
assigned perms along from selected resources to a normal user
Comment 3 Eric Helms 2015-02-25 15:12:37 EST
Created redmine issue http://projects.theforeman.org/issues/9554 from this bug
Comment 4 Eric Helms 2015-02-25 15:55:59 EST
This was actually broken in all cases and a regression from a prior bug fix. 

https://github.com/Katello/katello/pull/5050
Comment 5 Bryan Kearney 2015-03-10 10:02:29 EDT
Moving to POST since upstream bug http://projects.theforeman.org/issues/9554 has been closed
-------------
Eric Helms
Applied in changeset commit:katello|2162948c05f28f830dfe4545b0f07fab88db55d8.
Comment 8 Sachin Ghai 2015-04-02 03:44:01 EDT
Verified with sat6.1 beta snap9 ( Satellite-6.1.0-RHEL-6-20150331.1). I created a user with all those permissions given in the attachment. And I can see the packages from selected repo via a normal user who has view_product permission.

And I don't see any error in firebug. Please see the attachment. Moving this to verified.
Comment 9 Sachin Ghai 2015-04-02 03:46:41 EDT
Created attachment 1010034 [details]
I can see packages under content-search page via normal user who has view-product permission
Comment 10 Bryan Kearney 2015-08-11 09:29:07 EDT
This bug is slated to be released with Satellite 6.1.
Comment 11 errata-xmlrpc 2015-08-12 01:09:51 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2015:1592

Note You need to log in before you can comment on or make changes to this bug.