1201751 – RBAC: Unexpected Error when clicked on catalog items for user with only permission to Catalogs

Bug 1201751 - RBAC: Unexpected Error when clicked on catalog items for user with only permission to Catalogs

Summary: RBAC: Unexpected Error when clicked on catalog items for user with only permi...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat CloudForms Management Engine
Classification:	Red Hat
Component:	UI - OPS
Sub Component:
Version:	5.4.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	medium
Target Milestone:	GA
Target Release:	5.4.0
Assignee:	Milan Zázrivec
QA Contact:	Aziza Karol
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-03-13 12:26 UTC by Aziza Karol
Modified:	2015-06-16 12:52 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-06-16 12:52:53 UTC
Category:	---
Cloudforms Team:	---
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
snp (38.21 KB, image/png) 2015-03-13 12:26 UTC, Aziza Karol	no flags	Details
err (52.67 KB, image/png) 2015-03-13 12:27 UTC, Aziza Karol	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2015:1100	0	normal	SHIPPED_LIVE	CFME 5.4.0 bug fixes, and enhancement update	2015-06-16 16:28:42 UTC

Description Aziza Karol 2015-03-13 12:26:58 UTC

Created attachment 1001368 [details]
snp

Description of problem:


Version-Release number of selected component (if applicable):
5.4.0.0.11.20150309201930_8b6a235

How reproducible:
100%

Steps to Reproduce:
1. Create role, assign permissions for "Services", "Catalog Explorer", "Catalogs" only
2.create a group and assign this role 
3.create user with the above role
4. Log in as the user

Actual results:
 undefined method `[]' for nil:NilClass [catalog/x_show] displayed in UI. see attached screenshot

Expected results:
No error

Additional info:
production.log
rec_id"=>"2", "id"=>"2"}
[----] F, [2015-03-13T08:24:53.209945 #2540:1103e9c] FATAL -- : Error caught: [NoMethodError] undefined method `[]' for nil:NilClass
/var/www/miq/vmdb/app/presenters/tree_node_builder.rb:266:in `format_parent_id'
/var/www/miq/vmdb/app/presenters/tree_node_builder.rb:287:in `build_object_id'
/var/www/miq/vmdb/app/presenters/tree_node_builder.rb:45:in `build_id'
/var/www/miq/vmdb/app/presenters/tree_node_builder.rb:35:in `build_id'
/var/www/miq/vmdb/app/controllers/application_controller/explorer.rb:345:in `x_build_node_id'
/var/www/miq/vmdb/app/controllers/catalog_controller.rb:280:in `x_show'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_controller/metal/implicit_render.rb:4:in `send_action'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/abstract_controller/base.rb:167:in `process_action'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_controller/metal/rendering.rb:10:in `process_action'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/abstract_controller/callbacks.rb:18:in `block in process_action'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/activesupport/lib/active_support/callbacks.rb:557:in `_run__2384446414144801526__process_action__529709786097913209__callbacks'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/activesupport/lib/active_support/callbacks.rb:405:in `__run_callback'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/activesupport/lib/active_support/callbacks.rb:385:in `_run_process_action_callbacks'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/activesupport/lib/active_support/callbacks.rb:81:in `run_callbacks'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/abstract_controller/callbacks.rb:17:in `process_action'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_controller/metal/rescue.rb:29:in `process_action'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_controller/metal/instrumentation.rb:30:in `block in process_action'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/activesupport/lib/active_support/notifications.rb:123:in `block in instrument'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/activesupport/lib/active_support/notifications/instrumenter.rb:20:in `instrument'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/activesupport/lib/active_support/notifications.rb:123:in `instrument'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_controller/metal/instrumentation.rb:29:in `process_action'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_controller/metal/params_wrapper.rb:207:in `process_action'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/activerecord/lib/active_record/railties/controller_runtime.rb:18:in `process_action'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/abstract_controller/base.rb:121:in `process'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/abstract_controller/rendering.rb:45:in `process'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_controller/metal.rb:203:in `dispatch'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_controller/metal/rack_delegation.rb:14:in `dispatch'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_controller/metal.rb:246:in `block in action'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_dispatch/routing/route_set.rb:73:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_dispatch/routing/route_set.rb:73:in `dispatch'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_dispatch/routing/route_set.rb:36:in `call'
/opt/rh/cfme-gemset/gems/journey-1.0.4/lib/journey/router.rb:68:in `block in call'
/opt/rh/cfme-gemset/gems/journey-1.0.4/lib/journey/router.rb:56:in `each'
/opt/rh/cfme-gemset/gems/journey-1.0.4/lib/journey/router.rb:56:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_dispatch/routing/route_set.rb:608:in `call'
/opt/rh/cfme-gemset/gems/rack-cache-1.2/lib/rack/cache/context.rb:136:in `forward'
/opt/rh/cfme-gemset/gems/rack-cache-1.2/lib/rack/cache/context.rb:143:in `pass'
/opt/rh/cfme-gemset/gems/rack-cache-1.2/lib/rack/cache/context.rb:155:in `invalidate'
/opt/rh/cfme-gemset/gems/rack-cache-1.2/lib/rack/cache/context.rb:71:in `call!'
/opt/rh/cfme-gemset/gems/rack-cache-1.2/lib/rack/cache/context.rb:51:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_dispatch/middleware/best_standards_support.rb:17:in `call'
/opt/rh/cfme-gemset/gems/rack-1.4.5/lib/rack/etag.rb:23:in `call'
/opt/rh/cfme-gemset/gems/rack-1.4.5/lib/rack/conditionalget.rb:35:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_dispatch/middleware/head.rb:14:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_dispatch/middleware/params_parser.rb:21:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_dispatch/middleware/flash.rb:242:in `call'
/opt/rh/cfme-gemset/gems/rack-1.4.5/lib/rack/session/abstract/id.rb:210:in `context'
/opt/rh/cfme-gemset/gems/rack-1.4.5/lib/rack/session/abstract/id.rb:205:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_dispatch/middleware/cookies.rb:341:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/activerecord/lib/active_record/query_cache.rb:64:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/activerecord/lib/active_record/connection_adapters/abstract/connection_pool.rb:479:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_dispatch/middleware/callbacks.rb:28:in `block in call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/activesupport/lib/active_support/callbacks.rb:405:in `_run__2425762548919783621__call__63554108234434289__callbacks'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/activesupport/lib/active_support/callbacks.rb:405:in `__run_callback'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/activesupport/lib/active_support/callbacks.rb:385:in `_run_call_callbacks'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/activesupport/lib/active_support/callbacks.rb:81:in `run_callbacks'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_dispatch/middleware/callbacks.rb:27:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_dispatch/middleware/remote_ip.rb:31:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_dispatch/middleware/debug_exceptions.rb:16:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_dispatch/middleware/show_exceptions.rb:56:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/railties/lib/rails/rack/logger.rb:32:in `call_app'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/railties/lib/rails/rack/logger.rb:18:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_dispatch/middleware/request_id.rb:22:in `call'
/opt/rh/cfme-gemset/gems/rack-1.4.5/lib/rack/methodoverride.rb:21:in `call'
/opt/rh/cfme-gemset/gems/rack-1.4.5/lib/rack/runtime.rb:17:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/activesupport/lib/active_support/cache/strategy/local_cache.rb:72:in `call'
/opt/rh/cfme-gemset/gems/rack-1.4.5/lib/rack/lock.rb:15:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/actionpack/lib/action_dispatch/middleware/static.rb:63:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/railties/lib/rails/engine.rb:484:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/railties/lib/rails/application.rb:231:in `call'
/opt/rh/cfme-gemset/gems/rack-1.4.5/lib/rack/content_length.rb:14:in `call'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/railties/lib/rails/rack/log_tailer.rb:17:in `call'
/opt/rh/cfme-gemset/gems/thin-1.3.1/lib/thin/connection.rb:80:in `block in pre_process'
/opt/rh/cfme-gemset/gems/thin-1.3.1/lib/thin/connection.rb:78:in `catch'
/opt/rh/cfme-gemset/gems/thin-1.3.1/lib/thin/connection.rb:78:in `pre_process'
/opt/rh/cfme-gemset/gems/thin-1.3.1/lib/thin/connection.rb:53:in `process'
/opt/rh/cfme-gemset/gems/thin-1.3.1/lib/thin/connection.rb:38:in `receive_data'
/opt/rh/cfme-gemset/gems/eventmachine-1.0.7/lib/eventmachine.rb:187:in `run_machine'
/opt/rh/cfme-gemset/gems/eventmachine-1.0.7/lib/eventmachine.rb:187:in `run'
/opt/rh/cfme-gemset/gems/thin-1.3.1/lib/thin/backends/base.rb:61:in `start'
/opt/rh/cfme-gemset/gems/thin-1.3.1/lib/thin/server.rb:159:in `start'
/opt/rh/cfme-gemset/gems/rack-1.4.5/lib/rack/handler/thin.rb:13:in `run'
/opt/rh/cfme-gemset/gems/rack-1.4.5/lib/rack/server.rb:268:in `start'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/railties/lib/rails/commands/server.rb:70:in `start'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/railties/lib/rails/commands.rb:55:in `block in <top (required)>'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/railties/lib/rails/commands.rb:50:in `tap'
/opt/rh/cfme-gemset/bundler/gems/rails-8f014fba21f9/railties/lib/rails/commands.rb:50:in `<top (required)>'
script/rails:6:in `require'
script/rails:6:in `<main>'

Comment 1 Aziza Karol 2015-03-13 12:27:44 UTC

Created attachment 1001369 [details]
err

Comment 3 Milan Zázrivec 2015-03-16 16:10:01 UTC

The problem here -- obviously -- is that the role in question lacks
the permission to view catalog items, hence the error.

The fix here will be not to render the link to catalog item in case
the role doesn't have the right permissions.

https://github.com/ManageIQ/manageiq/pull/2170

Comment 4 CFME Bot 2015-03-16 16:50:50 UTC

New commit detected on manageiq/master:
https://github.com/ManageIQ/manageiq/commit/9736ebd798f29e98657f54780973d88bbea8f997

commit 9736ebd798f29e98657f54780973d88bbea8f997
Author:     Milan Zazrivec <mzazrivec>
AuthorDate: Mon Mar 16 17:05:10 2015 +0100
Commit:     Milan Zazrivec <mzazrivec>
CommitDate: Mon Mar 16 17:15:40 2015 +0100

    UI: render catalog item link only when available
    
    We won't be rendering link to the catalog item if
    the role in question lacks 'catalog_items_view'
    permission.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1201751

 vmdb/app/views/catalog/_stcat_tree_show.html.haml | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

Comment 6 Aziza Karol 2015-04-21 11:48:21 UTC

Verified:
5.4.0.0.22.20150420163946_26004d1

Comment 8 errata-xmlrpc 2015-06-16 12:52:53 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-1100.html

Note You need to log in before you can comment on or make changes to this bug.