Bug 1117832 - Filter creation allows me to enter and save with a field that isn't available for searching and blows up the resulting entity page
Summary: Filter creation allows me to enter and save with a field that isn't available...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Provisioning
Version: 6.0.4
Hardware: Unspecified
OS: Unspecified
unspecified
medium vote
Target Milestone: Unspecified
Assignee: Dmitri Dolguikh
QA Contact: Tazim Kolhar
URL: http://projects.theforeman.org/issues...
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-07-09 13:28 UTC by Bryan Kearney
Modified: 2019-09-26 18:10 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-09-11 12:21:20 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Foreman Issue Tracker 5235 None None None 2016-04-22 15:15:10 UTC

Description Bryan Kearney 2014-07-09 13:28:03 UTC
1. Create a New Role
2. Click to add new Filter
3. Select 'Domain'
4. Add all permissions for Domain
5. Enter 'anything = 4' into the Search box
6. click 'Submit' (Note: no validation to stop you from saving this invalid filter)
7. Grant Role to user without any other permissions
8. Log in as new user
9. Navigate to Domains page
10. Attempt to create a Domain

Error output "Invalid search query: Field 'anything' not recognized for searching!"

Comment 1 Bryan Kearney 2014-07-09 13:28:03 UTC
Created from redmine issue http://projects.theforeman.org/issues/5235

Comment 2 Bryan Kearney 2014-07-09 13:28:05 UTC
Upstream bug assigned to ddolguik@redhat.com

Comment 4 Bryan Kearney 2014-07-09 13:47:40 UTC
Moving to POST since upstream bug http://projects.theforeman.org/issues/5235 has been closed
-------------
Dmitri Dolguikh
PR: https://github.com/theforeman/foreman/pull/1552
-------------
Anonymous
Applied in changeset commit:0545fd10e610f350e1b43783d3073ab2296bdf33.

Comment 7 Tazim Kolhar 2014-08-20 05:45:10 UTC
VERIFIED

Filter only allows valid permissions to be added

Comment 8 Bryan Kearney 2014-09-11 12:21:20 UTC
This was delivered with Satellite 6.0 which was released on 10 September 2014.


Note You need to log in before you can comment on or make changes to this bug.