Bug 1136893 - organizations UI "All users" toggle not checking permissions for being displayed
Summary: organizations UI "All users" toggle not checking permissions for being displayed
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: Users & Roles
Version: 6.0.4
Hardware: Unspecified
OS: Unspecified
unspecified
medium vote
Target Milestone: Unspecified
Assignee: Tomer Brisker
QA Contact: Corey Welton
URL: http://projects.theforeman.org/issues...
Whiteboard:
Depends On:
Blocks: sam20-tracker
TreeView+ depends on / blocked
 
Reported: 2014-09-03 14:25 UTC by Tom McKay
Modified: 2019-09-25 20:49 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-07-27 08:44:34 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Foreman Issue Tracker 7335 None None None 2016-04-22 15:01:58 UTC
Red Hat Product Errata RHBA-2016:1500 normal SHIPPED_LIVE Red Hat Satellite 6.2 Base Libraries 2016-07-27 12:24:38 UTC

Description Tom McKay 2014-09-03 14:25:16 UTC
Users that do not have the ability to see all users should not be shown the UI toggle to add them to an organization. The same goes for the other resources types (Smart Proxies, Subnets, etc.).

The user should have edit org and view all users to see the toggle.

Comment 1 Tom McKay 2014-09-03 14:25:17 UTC
Created from redmine issue http://projects.theforeman.org/issues/7335

Comment 4 Bryan Kearney 2015-04-29 10:03:59 UTC
Moving to POST since upstream bug http://projects.theforeman.org/issues/7335 has been closed
-------------
Anonymous
Applied in changeset commit:42a712b356f7dabcad7e6a27d23cfb3253e463cf.

Comment 6 Jitendra Yejare 2015-09-07 08:31:18 UTC
Please provide the repro steps to verify.

Comment 7 Tomer Brisker 2015-09-16 08:03:50 UTC
1. Create a user with the edit_organization permission and a limited view_users permission (i.e. filtered so it only shows some users not all).
2. Go to edit organization -> users.
3. Verify that "all users" check box isn't displayed.
4. Repeat for other resource types and for locations.

Comment 8 Tazim Kolhar 2015-11-10 08:33:22 UTC
VERIFIED:
# rpm -qa | grep foreman
foreman-gce-1.11.0-0.develop.201511062002gitd3c978e.el7.noarch
hp-bl465cg7-01.rhts.eng.bos.redhat.com-foreman-client-1.0-1.noarch
hp-bl465cg7-01.rhts.eng.bos.redhat.com-foreman-proxy-1.0-1.noarch
foreman-selinux-1.11.0-0.develop.201510071426git6234447.el7.noarch
tfm-rubygem-foreman_bootdisk-6.0.0-2.fm1_10.el7.noarch
foreman-release-1.11.0-0.develop.201511062002gitd3c978e.el7.noarch
foreman-ovirt-1.11.0-0.develop.201511062002gitd3c978e.el7.noarch
tfm-rubygem-hammer_cli_foreman_tasks-0.0.8-1.el7.noarch
foreman-libvirt-1.11.0-0.develop.201511062002gitd3c978e.el7.noarch
foreman-postgresql-1.11.0-0.develop.201511062002gitd3c978e.el7.noarch
foreman-1.11.0-0.develop.201511062002gitd3c978e.el7.noarch
tfm-rubygem-foreman_gutterball-0.0.1-3.el7.noarch
hp-bl465cg7-01.rhts.eng.bos.redhat.com-foreman-proxy-client-1.0-1.noarch
tfm-rubygem-foreman_discovery-4.1.2-1.fm1_11.el7.noarch
foreman-compute-1.11.0-0.develop.201511062002gitd3c978e.el7.noarch
tfm-rubygem-hammer_cli_foreman_docker-0.0.3-4.el7.noarch
foreman-debug-1.11.0-0.develop.201511062002gitd3c978e.el7.noarch
foreman-proxy-1.11.0-0.develop.201511020918git26aba85.el7.noarch
foreman-vmware-1.11.0-0.develop.201511062002gitd3c978e.el7.noarch
tfm-rubygem-hammer_cli_foreman-0.4.0-1.201510201150gitab068d9.el7.noarch
tfm-rubygem-foreman_hooks-0.3.9-1.el7.noarch
tfm-rubygem-foreman-tasks-0.7.6-1.fm1_10.el7.noarch
foreman-release-scl-1-1.el7.x86_64
tfm-rubygem-foreman_docker-1.4.1-2.fm1_10.el7.noarch
tfm-rubygem-hammer_cli_foreman_bootdisk-0.1.3-3.el7.noarch

steps:
1. Create a user with the edit_organization permission and a limited view_users permission (i.e. filtered so it only shows some users not all).
2. Go to edit organization -> users.
3."all users" check box isn't displayed.
4. repeated for other resource types and for locations.

Comment 12 errata-xmlrpc 2016-07-27 08:44:34 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:1500


Note You need to log in before you can comment on or make changes to this bug.