Created attachment 1057060 [details] snpshot Description of problem: Version-Release number of selected component (if applicable): 5.4.1 How reproducible: 100% Steps to Reproduce: 1. Add satellite provider 2.create a new group with role "EvmRole-administrator" and and set tag "Quota-max memory" to 2GB 3.create a new user base on above group 4.login with the above user and navigate to infrastructure-> configuration management and click on the satellite provider in accordion Actual results: User 'production' is not authorized to access 'Provider' record id '10'. see attached screenshot Expected results: should be accessible Additional info:
https://github.com/ManageIQ/manageiq/pull/5665
New commit detected on ManageIQ/manageiq/master: https://github.com/ManageIQ/manageiq/commit/6e64846f7f1fa689518687bc52bfe9f64ce43f72 commit 6e64846f7f1fa689518687bc52bfe9f64ce43f72 Author: Aparna Karve <akarve> AuthorDate: Wed Nov 25 14:49:27 2015 -0800 Commit: Aparna Karve <akarve> CommitDate: Thu Dec 3 10:43:13 2015 +0100 Apply RBAC filtering to the foreman tree objects https://bugzilla.redhat.com/show_bug.cgi?id=1247715 app/controllers/application_controller.rb | 25 +++++------ app/controllers/provider_foreman_controller.rb | 49 ++++++++++++++-------- app/models/configuration_profile.rb | 2 +- .../manageiq/providers/configuration_manager.rb | 4 +- .../configuration_manager/configuration_profile.rb | 4 ++ .../configuration_manager/configured_system.rb | 4 ++ app/models/rbac.rb | 13 +++--- app/presenters/tree_builder.rb | 16 +++---- app/presenters/tree_builder_foreman.rb | 11 ++--- .../provider_foreman_controller_spec.rb | 4 +- 10 files changed, 79 insertions(+), 53 deletions(-)
New commit detected on cfme/5.5.z: https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=1cd23ef4dd1b6ae01ced329756ebd614281bb2d1 commit 1cd23ef4dd1b6ae01ced329756ebd614281bb2d1 Merge: 5694b4d 766b947 Author: Dan Clarizio <dclarizi> AuthorDate: Mon Dec 7 17:49:53 2015 -0500 Commit: Dan Clarizio <dclarizi> CommitDate: Mon Dec 7 17:49:53 2015 -0500 Merge branch 'rbac_foreman' into '5.5.z' BZ1247715 - Apply RBAC filtering to the foreman tree objects Clean cherry-pick Upstream PR - https://github.com/ManageIQ/manageiq/pull/5665 Apply RBAC filtering to the Foreman tree nodes based on the logged-in user's tag settings. https://bugzilla.redhat.com/show_bug.cgi?id=1247715 See merge request !582 app/controllers/application_controller.rb | 25 +++++------ app/controllers/provider_foreman_controller.rb | 48 ++++++++++++++-------- app/models/configuration_profile.rb | 2 +- .../manageiq/providers/configuration_manager.rb | 4 +- .../configuration_manager/configuration_profile.rb | 4 ++ .../configuration_manager/configured_system.rb | 4 ++ app/models/rbac.rb | 13 +++--- app/presenters/tree_builder.rb | 16 ++++---- app/presenters/tree_builder_foreman.rb | 11 +++-- .../provider_foreman_controller_spec.rb | 29 +++++++++++++ 10 files changed, 106 insertions(+), 50 deletions(-)
New commit detected on cfme/5.5.z: https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=4f2cfff4d55a7aa55614114864ba895b6f9be7ef commit 4f2cfff4d55a7aa55614114864ba895b6f9be7ef Author: Aparna Karve <akarve> AuthorDate: Wed Nov 25 14:49:27 2015 -0800 Commit: Aparna Karve <akarve> CommitDate: Fri Dec 4 09:52:11 2015 +0100 Apply RBAC filtering to the foreman tree objects https://bugzilla.redhat.com/show_bug.cgi?id=1247715 app/controllers/application_controller.rb | 25 +++++------ app/controllers/provider_foreman_controller.rb | 49 ++++++++++++++-------- app/models/configuration_profile.rb | 2 +- .../manageiq/providers/configuration_manager.rb | 4 +- .../configuration_manager/configuration_profile.rb | 4 ++ .../configuration_manager/configured_system.rb | 4 ++ app/models/rbac.rb | 13 +++--- app/presenters/tree_builder.rb | 16 +++---- app/presenters/tree_builder_foreman.rb | 11 ++--- .../provider_foreman_controller_spec.rb | 4 +- 10 files changed, 79 insertions(+), 53 deletions(-)
satellite provider accessible. Verified in Verified in 5.5.2.1.20160114044944_395c086
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2016:0159