Description of problem: I think, we need some informations in API Overview, which of functions are accessible for the read-only users. Because not all getter functions are accessible for read-only users (few examples are below). Here is some examples: packages.provider.list satellite.getCertificateExpirationDate sync.slave.getSlaves org.listSoftwareEntitlements org.listSystemEntitlements org.listOrgs sync.master.getMasters user.external.listExternalGroupToRoleMaps user.external.getKeepTemporaryRoles user.external.getUseOrgUnit user.external.getDefaultOrg ... Version-Release number of selected component (if applicable): Sat 5.7 (spacewalk-html-2.3.2-3.el6sat, spacewalk-java-2.3.8-15.el6sat) How reproducible: 100% Steps to Reproduce: 1. open page https://<fqdn>/rhn/apidoc/handlers/PackagesProviderHandler.jsp Actual results: no informations about read-only functions. Expected results: some icons or tags, what say "This functions is also accessible for the read-only user." Additional info:
Read-only users have access to any API that their other Satellite permissions give them access to. org.listOrgs, for example, is limited to only Satellite Administrators. If you have a read-only user who is a Satellite Admin, they have access to that API method. read-only means that, no matter what your other privileges, you may not access the web-ui, and may only access API methods whose names start with get/list/is. Access to those methods is then further limited by the user's regular Satellite privileges. It sounds like what we're really asking for here, is an icon per-method for which privilege it requires. That's going to take some doing, since each method makes up its own mind about what privs it requires.
*** This bug has been marked as a duplicate of bug 1147832 ***