Bug 1264967 - [RFE] Allow for deletion of group when users belong to another group
[RFE] Allow for deletion of group when users belong to another group
Status: POST
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: UI - OPS (Show other bugs)
5.4.0
All All
high Severity high
: GA
: 6.0.0
Assigned To: lgalis
Matt Pusateri
auth:miqldap:externalauth:ad:freeipa:...
: FutureFeature, Regression, RFE, TestOnly
Depends On:
Blocks: 1536035 1322396 1460307
  Show dependency treegraph
 
Reported: 2015-09-21 14:39 EDT by Josh Carter
Modified: 2018-01-18 22:06 EST (History)
11 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
: 1322396 1460307 1536035 (view as bug list)
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: CFME Core


Attachments (Terms of Use)

  None (edit)
Comment 6 Harpreet Kataria 2016-10-03 13:31:06 EDT
Pivotal story: https://www.pivotaltracker.com/story/show/131568585
Comment 8 Matt Pusateri 2017-05-17 15:57:57 EDT
Right now we really only have the concept of "current group" while we store multiple groups in the database, they are not visible in the UI. Another problem in how we support multiple groups, is that it's possible for a user to have a group relationsip that is not shown in the UI b/c it's not their current group. So you try to delete a group, but you can't because of the group relationship. But you also can't see what users are in what groups, so you can't delete the user to delete the group. Related Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1437682 - 5.8.0.12-rc1  This is probably really a new RFE, but it's related.
Comment 9 Satoe Imaishi 2017-05-24 14:05:11 EDT
PR: https://github.com/ManageIQ/manageiq/pull/15041
Comment 11 Matt Pusateri 2017-10-24 13:24:06 EDT
Verified on 5.9.0.2 with external auth - FreeIPA. With and without external groups.
Comment 12 Matt Pusateri 2017-11-14 14:34:44 EST
Assigning this back to Development.

So if a user has 2 groups and the group that you are deleting is the user's current group. Logins for that user are broken till an administrator manually fixes that user's groups. The user is still a member of at least 1 group, but can't log in b/c they have no current group. This obviously doesn't scale for administrators if the group contains multiple users.  Also the administrator will expect that they shouldn't have to do this if they are using external ldap groups.

Note You need to log in before you can comment on or make changes to this bug.