Description of problem: assigning ak_roles at user_group level to users seems to have no affect Version-Release number of selected component (if applicable): sat6.1-GA-SNAP3-compose2 How reproducible: Steps to Reproduce: 1. configure LDAP authentication using http://theforeman.org/manuals/1.8/index.html#4.1.1LDAPAuthentication 2. create a user-group with external user-group (example Active Directory) 3. create a ak_role via the roles and assign only the "activation keys" permissions via the filters. 4. assign the role "ak_role" at the user_group level 5. Actual results: login via the user which is part of the external user-group , to observer that the user cannot perform "ak" roles. Expected results: ogin via the user which is part of the external user-group , to observer that the user can perform "ak" roles. Additional info:
Kedar, does this happen outside of LDAP as well?
this happens only when roles are assigned at the user_group level. when assigning the role with "activation keys permissions" to user directly it works fine.
ah! ok, I know exactly what you are asking, need to check, will update here soon.
Important Update: strange, looks like this is only when we are using "LDAP authentication" and assigning the role at "user-group" level only.
works fine when using for a normal user with auth source as "INTERNAL".
I investigated further and it looks like, the issue is actually different. Actually it is, Adding/Updating roles at user_group level to users seems to have no effect. Will close this bug and raise a new bug. Sorry for the confusion.
*** This bug has been marked as a duplicate of bug 1221971 ***
The bug description is more appropriate in bug 1221971