Bug 1191197 - FATAL -- : Error caught: [MiqException::RbacPrivilegeException] The user is not authorized for this task or item.
Summary: FATAL -- : Error caught: [MiqException::RbacPrivilegeException] The user is n...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: UI - OPS
Version: 5.3.0
Hardware: All
OS: All
high
high
Target Milestone: GA
: 5.4.0
Assignee: Harpreet Kataria
QA Contact: Aziza Karol
URL:
Whiteboard:
: 1191256 1197225 1214296 (view as bug list)
Depends On:
Blocks: 1191222 1208565
TreeView+ depends on / blocked
 
Reported: 2015-02-10 16:26 UTC by Kevin Morey
Modified: 2019-06-13 08:13 UTC (History)
9 users (show)

Fixed In Version: 5.4.0.0.11
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1191222 (view as bug list)
Environment:
Last Closed: 2015-06-16 12:50:16 UTC
Category: ---
Cloudforms Team: ---
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
role with access for end user to view utilization (211.99 KB, image/png)
2015-02-10 16:26 UTC, Kevin Morey 		no flags Details
VMs Utilzation (66.63 KB, image/png)
2015-04-07 04:14 UTC, Aziza Karol 		no flags Details
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 1444313 0 None None None Never
Red Hat Product Errata RHBA-2015:1100 0 normal SHIPPED_LIVE CFME 5.4.0 bug fixes, and enhancement update 2015-06-16 16:28:42 UTC

Description Kevin Morey 2015-02-10 16:26:35 UTC 
Created attachment 990154 [details]
role with access for end user to view utilization

Description of problem:
As a self-service user that has access to view my own VMs utilization. I should be able to see the utilization metrics.

Version-Release number of selected component (if applicable):
5.3.2.6

How reproducible:
always

Steps to Reproduce:
1. Create a self-service user role that only lets end users view services / workloads and have access to view VM utilization
2. login as the user and attempt to view a VMs utilization


Actual results:
RBAC error is thrown

Expected results:
Expected end user to view VMs utilization

Additional info:
[----] I, [2015-02-10T16:20:53.545475 #36958:9e983c]  INFO -- : Connecting to database specified by database.yml
[----] I, [2015-02-10T16:20:58.225699 #3013:d18030]  INFO -- : Started POST "/vm_or_template/x_button/510000000001734?pressed=vm_perf" for 127.0.0.1 at 2015-02-10 16:20:58 +0000
[----] I, [2015-02-10T16:20:58.229172 #3013:d18030]  INFO -- : Processing by VmOrTemplateController#x_button as JS
[----] I, [2015-02-10T16:20:58.229258 #3013:d18030]  INFO -- :   Parameters: {"display"=>"performance", "pressed"=>"vm_perf", "id"=>"510000000001734"}
[----] I, [2015-02-10T16:20:58.305917 #3013:d18030]  INFO -- :   Rendered layouts/_dhtmlx_tags.html.erb (1.1ms)
[----] I, [2015-02-10T16:20:58.306713 #3013:d18030]  INFO -- :   Rendered layouts/_dhtmlx_tags.html.erb (0.6ms)
[----] I, [2015-02-10T16:20:58.306884 #3013:d18030]  INFO -- :   Rendered layouts/_flash_msg.html.erb (0.1ms)
[----] I, [2015-02-10T16:20:58.307252 #3013:d18030]  INFO -- :   Rendered layouts/_perf_options.html.erb (0.3ms)
[----] I, [2015-02-10T16:20:58.307402 #3013:d18030]  INFO -- :   Rendered layouts/_perf_charts.html.erb (0.0ms)
[----] I, [2015-02-10T16:20:58.307489 #3013:d18030]  INFO -- :   Rendered layouts/_performance.html.erb (2.8ms)
[----] I, [2015-02-10T16:20:58.308865 #3013:d18030]  INFO -- :   Rendered layouts/_dhtmlx_tags.html.erb (0.9ms)
[----] I, [2015-02-10T16:20:58.309906 #3013:d18030]  INFO -- :   Rendered layouts/_x_adv_searchbox.html.erb (2.0ms)
[----] I, [2015-02-10T16:20:58.314895 #3013:d18030]  INFO -- : Completed 200 OK in 85.5ms (Views: 0.1ms | ActiveRecord: 31.8ms)
[----] I, [2015-02-10T16:20:58.661049 #3013:d18030]  INFO -- : Started POST "/vm_or_template/perf_chart_chooser/510000000001734" for 127.0.0.1 at 2015-02-10 16:20:58 +0000
[----] I, [2015-02-10T16:20:58.669327 #3013:d18030]  INFO -- : Processing by VmOrTemplateController#perf_chart_chooser as JS
[----] I, [2015-02-10T16:20:58.669413 #3013:d18030]  INFO -- :   Parameters: {"id"=>"510000000001734"}
[----] F, [2015-02-10T16:20:58.701553 #3013:d18030] FATAL -- : Error caught: [MiqException::RbacPrivilegeException] The user is not authorized for this task or item.
/var/www/miq/vmdb/app/controllers/application_controller.rb:2802:in `assert_privileges'
/var/www/miq/vmdb/app/controllers/application_controller/performance.rb:6:in `perf_chart_chooser'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_controller/metal/implicit_render.rb:4:in `send_action'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/abstract_controller/base.rb:167:in `process_action'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_controller/metal/rendering.rb:10:in `process_action'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/abstract_controller/callbacks.rb:18:in `block in process_action'
/opt/rh/ruby193/root/usr/share/gems/gems/activesupport-3.2.17/lib/active_support/callbacks.rb:513:in `_run__2990650478310931097__process_action__2427916662182586299__callbacks'
/opt/rh/ruby193/root/usr/share/gems/gems/activesupport-3.2.17/lib/active_support/callbacks.rb:405:in `__run_callback'
/opt/rh/ruby193/root/usr/share/gems/gems/activesupport-3.2.17/lib/active_support/callbacks.rb:385:in `_run_process_action_callbacks'
/opt/rh/ruby193/root/usr/share/gems/gems/activesupport-3.2.17/lib/active_support/callbacks.rb:81:in `run_callbacks'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/abstract_controller/callbacks.rb:17:in `process_action'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_controller/metal/rescue.rb:29:in `process_action'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_controller/metal/instrumentation.rb:30:in `block in process_action'
/opt/rh/ruby193/root/usr/share/gems/gems/activesupport-3.2.17/lib/active_support/notifications.rb:123:in `block in instrument'
/opt/rh/ruby193/root/usr/share/gems/gems/activesupport-3.2.17/lib/active_support/notifications/instrumenter.rb:20:in `instrument'
/opt/rh/ruby193/root/usr/share/gems/gems/activesupport-3.2.17/lib/active_support/notifications.rb:123:in `instrument'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_controller/metal/instrumentation.rb:29:in `process_action'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_controller/metal/params_wrapper.rb:207:in `process_action'
/opt/rh/ruby193/root/usr/share/gems/gems/activerecord-3.2.17/lib/active_record/railties/controller_runtime.rb:18:in `process_action'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/abstract_controller/base.rb:121:in `process'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/abstract_controller/rendering.rb:45:in `process'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_controller/metal.rb:203:in `dispatch'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_controller/metal/rack_delegation.rb:14:in `dispatch'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_controller/metal.rb:246:in `block in action'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_dispatch/routing/route_set.rb:73:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_dispatch/routing/route_set.rb:73:in `dispatch'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_dispatch/routing/route_set.rb:36:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/journey-1.0.4/lib/journey/router.rb:68:in `block in call'
/opt/rh/ruby193/root/usr/share/gems/gems/journey-1.0.4/lib/journey/router.rb:56:in `each'
/opt/rh/ruby193/root/usr/share/gems/gems/journey-1.0.4/lib/journey/router.rb:56:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_dispatch/routing/route_set.rb:608:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/rack-cache-1.2/lib/rack/cache/context.rb:136:in `forward'
/opt/rh/ruby193/root/usr/share/gems/gems/rack-cache-1.2/lib/rack/cache/context.rb:143:in `pass'
/opt/rh/ruby193/root/usr/share/gems/gems/rack-cache-1.2/lib/rack/cache/context.rb:155:in `invalidate'
/opt/rh/ruby193/root/usr/share/gems/gems/rack-cache-1.2/lib/rack/cache/context.rb:71:in `call!'
/opt/rh/ruby193/root/usr/share/gems/gems/rack-cache-1.2/lib/rack/cache/context.rb:51:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_dispatch/middleware/best_standards_support.rb:17:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/rack-1.4.5/lib/rack/etag.rb:23:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/rack-1.4.5/lib/rack/conditionalget.rb:35:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_dispatch/middleware/head.rb:14:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_dispatch/middleware/params_parser.rb:21:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_dispatch/middleware/flash.rb:242:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/rack-1.4.5/lib/rack/session/abstract/id.rb:210:in `context'
/opt/rh/ruby193/root/usr/share/gems/gems/rack-1.4.5/lib/rack/session/abstract/id.rb:205:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_dispatch/middleware/cookies.rb:341:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/activerecord-3.2.17/lib/active_record/query_cache.rb:64:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/activerecord-3.2.17/lib/active_record/connection_adapters/abstract/connection_pool.rb:479:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_dispatch/middleware/callbacks.rb:28:in `block in call'
/opt/rh/ruby193/root/usr/share/gems/gems/activesupport-3.2.17/lib/active_support/callbacks.rb:405:in `_run__207386630625644304__call__891622471744283124__callbacks'
/opt/rh/ruby193/root/usr/share/gems/gems/activesupport-3.2.17/lib/active_support/callbacks.rb:405:in `__run_callback'
/opt/rh/ruby193/root/usr/share/gems/gems/activesupport-3.2.17/lib/active_support/callbacks.rb:385:in `_run_call_callbacks'
/opt/rh/ruby193/root/usr/share/gems/gems/activesupport-3.2.17/lib/active_support/callbacks.rb:81:in `run_callbacks'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_dispatch/middleware/callbacks.rb:27:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_dispatch/middleware/remote_ip.rb:31:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_dispatch/middleware/debug_exceptions.rb:16:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_dispatch/middleware/show_exceptions.rb:56:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/railties-3.2.17/lib/rails/rack/logger.rb:32:in `call_app'
/opt/rh/ruby193/root/usr/share/gems/gems/railties-3.2.17/lib/rails/rack/logger.rb:18:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_dispatch/middleware/request_id.rb:22:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/rack-1.4.5/lib/rack/methodoverride.rb:21:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/rack-1.4.5/lib/rack/runtime.rb:17:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/activesupport-3.2.17/lib/active_support/cache/strategy/local_cache.rb:72:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/rack-1.4.5/lib/rack/lock.rb:15:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/actionpack-3.2.17/lib/action_dispatch/middleware/static.rb:63:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/railties-3.2.17/lib/rails/engine.rb:484:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/railties-3.2.17/lib/rails/application.rb:231:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/rack-1.4.5/lib/rack/content_length.rb:14:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/railties-3.2.17/lib/rails/rack/log_tailer.rb:17:in `call'
/opt/rh/ruby193/root/usr/share/gems/gems/thin-1.3.1/lib/thin/connection.rb:80:in `block in pre_process'
/opt/rh/ruby193/root/usr/share/gems/gems/thin-1.3.1/lib/thin/connection.rb:78:in `catch'
/opt/rh/ruby193/root/usr/share/gems/gems/thin-1.3.1/lib/thin/connection.rb:78:in `pre_process'
/opt/rh/ruby193/root/usr/share/gems/gems/thin-1.3.1/lib/thin/connection.rb:53:in `process'
/opt/rh/ruby193/root/usr/share/gems/gems/thin-1.3.1/lib/thin/connection.rb:38:in `receive_data'
/opt/rh/ruby193/root/usr/share/gems/gems/eventmachine-1.0.0/lib/eventmachine.rb:187:in `run_machine'
/opt/rh/ruby193/root/usr/share/gems/gems/eventmachine-1.0.0/lib/eventmachine.rb:187:in `run'
/opt/rh/ruby193/root/usr/share/gems/gems/thin-1.3.1/lib/thin/backends/base.rb:61:in `start'
/opt/rh/ruby193/root/usr/share/gems/gems/thin-1.3.1/lib/thin/server.rb:159:in `start'
/opt/rh/ruby193/root/usr/share/gems/gems/rack-1.4.5/lib/rack/handler/thin.rb:13:in `run'
/opt/rh/ruby193/root/usr/share/gems/gems/rack-1.4.5/lib/rack/server.rb:268:in `start'
/opt/rh/ruby193/root/usr/share/gems/gems/railties-3.2.17/lib/rails/commands/server.rb:70:in `start'
/opt/rh/ruby193/root/usr/share/gems/gems/railties-3.2.17/lib/rails/commands.rb:55:in `block in <top (required)>'
/opt/rh/ruby193/root/usr/share/gems/gems/railties-3.2.17/lib/rails/commands.rb:50:in `tap'
/opt/rh/ruby193/root/usr/share/gems/gems/railties-3.2.17/lib/rails/commands.rb:50:in `<top (required)>'
script/rails:6:in `require'
script/rails:6:in `<main>'
[----] I, [2015-02-10T16:20:58.702896 #3013:d18030]  INFO -- :   Rendered layouts/_exception_contents.html.erb (0.1ms)
[----] I, [2015-02-10T16:20:58.703365 #3013:d18030]  INFO -- : Completed 200 OK in 33.9ms (Views: 1.4ms | ActiveRecord: 13.8ms)
Comment 3 Harpreet Kataria 2015-02-10 21:58:52 UTC 
*** Bug 1191256 has been marked as a duplicate of this bug. ***
Comment 4 CFME Bot 2015-02-10 22:25:47 UTC 
New commit detected on manageiq/master:
https://github.com/ManageIQ/manageiq/commit/9dae9f70d36a5ba5ff265f780b4b81fd460e5666

commit 9dae9f70d36a5ba5ff265f780b4b81fd460e5666
Author:     Harpreet Kataria <hkataria>
AuthorDate: Tue Feb 10 13:09:46 2015 -0500
Commit:     Harpreet Kataria <hkataria>
CommitDate: Tue Feb 10 15:19:22 2015 -0500

    Changed role_allows? method to return true for common hidden features.
    
    - Changed role_allows? method to return true for common hidden features that are for read only buttons are used from different screen and are under a hidden parent.
    - Added parent_for_feature method to MiqProductFeature model that returns parent feature of a passed in feature.
    - Extended assert_privileges test to test hidden feature
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1191222
    https://bugzilla.redhat.com/show_bug.cgi?id=1191197

 vmdb/app/models/miq_product_feature.rb               |  4 ++++
 vmdb/app/models/user.rb                              |  8 +++++++-
 vmdb/spec/controllers/application_controller_spec.rb | 10 ++++++++--
 3 files changed, 19 insertions(+), 3 deletions(-)
Comment 5 CFME Bot 2015-02-10 22:30:46 UTC 
New commit detected on cfme/5.3.z:
https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=0464405398e30e35b7a4dfdbb69b85fb952e7870

commit 0464405398e30e35b7a4dfdbb69b85fb952e7870
Author:     Harpreet Kataria <hkataria>
AuthorDate: Tue Feb 10 13:09:46 2015 -0500
Commit:     Harpreet Kataria <hkataria>
CommitDate: Tue Feb 10 17:26:17 2015 -0500

    Changed role_allows? method to return true for common hidden features.
    
    - Changed role_allows? method to return true for common hidden features that are for read only buttons are used from different screen and are under a hidden parent.
    - Added parent_for_feature method to MiqProductFeature model that returns parent feature of a passed in feature.
    - Extended assert_privileges test to test hidden feature
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1191222
    https://bugzilla.redhat.com/show_bug.cgi?id=1191197
    (cherry picked from commit 9dae9f7)

 vmdb/app/models/miq_product_feature.rb               | 4 ++++
 vmdb/app/models/user.rb                              | 8 +++++++-
 vmdb/spec/controllers/application_controller_spec.rb | 8 +++++++-
 3 files changed, 18 insertions(+), 2 deletions(-)
Comment 6 CFME Bot 2015-02-11 17:00:49 UTC 
New commit detected on cfme/5.3.z:
https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=5122ebb9891c35539fd973914deea9b6d9736b9b

commit 5122ebb9891c35539fd973914deea9b6d9736b9b
Author:     Harpreet Kataria <hkataria>
AuthorDate: Wed Feb 11 11:57:38 2015 -0500
Commit:     Harpreet Kataria <hkataria>
CommitDate: Wed Feb 11 11:57:38 2015 -0500

    Fixed failing spec test.
    
    Changed feature id to be the parent id of feature that needs to be checked, seeding of specific features on 5.3.z is done differently have to load the parent node to seed a feature.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1191222
    https://bugzilla.redhat.com/show_bug.cgi?id=1191197

 vmdb/spec/controllers/application_controller_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 8 Aziza Karol 2015-04-07 04:13:51 UTC 
User is able to view VMs utilization.

Verified:
5.4.0.0.14.20150325124454_9e339f3
Comment 9 Aziza Karol 2015-04-07 04:14:37 UTC 
Created attachment 1011612 [details]
VMs Utilzation
Comment 10 Roman Blanco 2015-04-07 20:49:41 UTC 
*** Bug 1197225 has been marked as a duplicate of this bug. ***
Comment 11 Harpreet Kataria 2015-04-22 21:43:04 UTC 
*** Bug 1214296 has been marked as a duplicate of this bug. ***
Comment 13 errata-xmlrpc 2015-06-16 12:50:16 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-1100.html
Note You need to log in before you can comment on or make changes to this bug.