Red Hat Bugzilla – Bug 1255777
[RFE] Role Filters Limited By either Location or Lifecycle Environment
Last modified: 2017-11-21 06:40:26 EST
Description of problem:
We're wanting to implement a sort of self-service option for business units that want to manage their own patches or use the Satellite to deploy actions to their particular set of hosts. The names won't necessarily follow our normal naming convention (they were absorbed, hence the devolved status of patching) so matching on name won't work and we're all within the same organization so matching on organization_id won't help either.
They do have their own unique location and lifecycle environment. Matching view_content_hosts, etc on location will probably be useful eventually but it seems like matching on lifecycle environment would be the more "correct" way of managing devolved responsibility in general so that's my preference.
If you need me to clarify what I'm asking for then feel free to ask.
Version-Release number of selected component (if applicable):
I'm currently on Satellite 6.1.1
90% of the time it works every time.
Steps to Reproduce:
1. Go into Administer > Roles
2. Select the role you want to limit and go to the filters
3. Attempt to add a filter for resource type "Content Host"
4. Uncheck "Unlimited" and attempt to restrict role's access to just the relevant hosts
There is no option for limit in such a way. Only by name or organization_id
Some options for more granular limiting of authority such as by Location, Lifecycle Environment, or membership in a particular Host Collection.
Since 6.2, Content Hosts permissions are controlled through regular "Host" permissions. Therefore, lifecycle_environment_id, location, and many more fields are available on the search filter. Closing.