Bug 1247715 - User 'production' is not authorized to access 'Provider' record id '10' on accessing Satellite provider when Quota is assigned
User 'production' is not authorized to access 'Provider' record id '10' on a...
Status: CLOSED ERRATA
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: UI - OPS (Show other bugs)
5.4.0
Unspecified Unspecified
medium Severity medium
: GA
: 5.5.2
Assigned To: Aparna Karve
Aziza Karol
: ZStream
Depends On:
Blocks: 1290837
  Show dependency treegraph
 
Reported: 2015-07-28 12:02 EDT by Aziza Karol
Modified: 2016-02-10 10:20 EST (History)
7 users (show)

See Also:
Fixed In Version: 5.5.2.1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1290837 (view as bug list)
Environment:
Last Closed: 2016-02-10 10:20:02 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
snpshot (53.53 KB, image/png)
2015-07-28 12:02 EDT, Aziza Karol
no flags Details

  None (edit)
Description Aziza Karol 2015-07-28 12:02:11 EDT
Created attachment 1057060 [details]
snpshot

Description of problem:


Version-Release number of selected component (if applicable):
5.4.1

How reproducible:
100%

Steps to Reproduce:
1. Add satellite provider 
2.create a new group with role "EvmRole-administrator" and and set tag "Quota-max memory" to 2GB
3.create a new user base on above group
4.login with the above user and navigate to infrastructure-> configuration management and click on the satellite provider in accordion

Actual results:
User 'production' is not authorized to access 'Provider' record id '10'. see attached screenshot

Expected results:
should be accessible

Additional info:
Comment 3 CFME Bot 2015-12-03 10:55:22 EST
New commit detected on ManageIQ/manageiq/master:
https://github.com/ManageIQ/manageiq/commit/6e64846f7f1fa689518687bc52bfe9f64ce43f72

commit 6e64846f7f1fa689518687bc52bfe9f64ce43f72
Author:     Aparna Karve <akarve@redhat.com>
AuthorDate: Wed Nov 25 14:49:27 2015 -0800
Commit:     Aparna Karve <akarve@redhat.com>
CommitDate: Thu Dec 3 10:43:13 2015 +0100

    Apply RBAC filtering to the foreman tree objects
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1247715

 app/controllers/application_controller.rb          | 25 +++++------
 app/controllers/provider_foreman_controller.rb     | 49 ++++++++++++++--------
 app/models/configuration_profile.rb                |  2 +-
 .../manageiq/providers/configuration_manager.rb    |  4 +-
 .../configuration_manager/configuration_profile.rb |  4 ++
 .../configuration_manager/configured_system.rb     |  4 ++
 app/models/rbac.rb                                 | 13 +++---
 app/presenters/tree_builder.rb                     | 16 +++----
 app/presenters/tree_builder_foreman.rb             | 11 ++---
 .../provider_foreman_controller_spec.rb            |  4 +-
 10 files changed, 79 insertions(+), 53 deletions(-)
Comment 4 CFME Bot 2015-12-07 17:57:41 EST
New commit detected on cfme/5.5.z:
https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=1cd23ef4dd1b6ae01ced329756ebd614281bb2d1

commit 1cd23ef4dd1b6ae01ced329756ebd614281bb2d1
Merge: 5694b4d 766b947
Author:     Dan Clarizio <dclarizi@redhat.com>
AuthorDate: Mon Dec 7 17:49:53 2015 -0500
Commit:     Dan Clarizio <dclarizi@redhat.com>
CommitDate: Mon Dec 7 17:49:53 2015 -0500

    Merge branch 'rbac_foreman' into '5.5.z'
    
    BZ1247715 - Apply RBAC filtering to the foreman tree objects
    
    Clean cherry-pick
    Upstream PR - https://github.com/ManageIQ/manageiq/pull/5665
    
    Apply RBAC filtering to the Foreman tree nodes based on the logged-in user's tag settings.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1247715
    
    See merge request !582

 app/controllers/application_controller.rb          | 25 +++++------
 app/controllers/provider_foreman_controller.rb     | 48 ++++++++++++++--------
 app/models/configuration_profile.rb                |  2 +-
 .../manageiq/providers/configuration_manager.rb    |  4 +-
 .../configuration_manager/configuration_profile.rb |  4 ++
 .../configuration_manager/configured_system.rb     |  4 ++
 app/models/rbac.rb                                 | 13 +++---
 app/presenters/tree_builder.rb                     | 16 ++++----
 app/presenters/tree_builder_foreman.rb             | 11 +++--
 .../provider_foreman_controller_spec.rb            | 29 +++++++++++++
 10 files changed, 106 insertions(+), 50 deletions(-)
Comment 5 CFME Bot 2015-12-07 17:57:45 EST
New commit detected on cfme/5.5.z:
https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=4f2cfff4d55a7aa55614114864ba895b6f9be7ef

commit 4f2cfff4d55a7aa55614114864ba895b6f9be7ef
Author:     Aparna Karve <akarve@redhat.com>
AuthorDate: Wed Nov 25 14:49:27 2015 -0800
Commit:     Aparna Karve <akarve@redhat.com>
CommitDate: Fri Dec 4 09:52:11 2015 +0100

    Apply RBAC filtering to the foreman tree objects
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1247715

 app/controllers/application_controller.rb          | 25 +++++------
 app/controllers/provider_foreman_controller.rb     | 49 ++++++++++++++--------
 app/models/configuration_profile.rb                |  2 +-
 .../manageiq/providers/configuration_manager.rb    |  4 +-
 .../configuration_manager/configuration_profile.rb |  4 ++
 .../configuration_manager/configured_system.rb     |  4 ++
 app/models/rbac.rb                                 | 13 +++---
 app/presenters/tree_builder.rb                     | 16 +++----
 app/presenters/tree_builder_foreman.rb             | 11 ++---
 .../provider_foreman_controller_spec.rb            |  4 +-
 10 files changed, 79 insertions(+), 53 deletions(-)
Comment 7 Aziza Karol 2016-01-19 01:22:38 EST
satellite provider accessible.

Verified in Verified in 5.5.2.1.20160114044944_395c086
Comment 9 errata-xmlrpc 2016-02-10 10:20:02 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:0159

Note You need to log in before you can comment on or make changes to this bug.