Bug 1268829 - API does not return Fact values with Viewer role
Summary: API does not return Fact values with Viewer role
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: API
Version: 6.1.2
Hardware: Unspecified
OS: Unspecified
high
high vote
Target Milestone: Unspecified
Assignee: Daniel Lobato Garcia
QA Contact: jcallaha
URL: http://projects.theforeman.org/issues...
Whiteboard:
Depends On:
Blocks: 1122832 1333112
TreeView+ depends on / blocked
 
Reported: 2015-10-05 12:06 UTC by Peter Vreman
Modified: 2019-11-14 07:01 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1333112 (view as bug list)
Environment:
Last Closed: 2016-07-27 08:56:53 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 2328291 None None None 2016-05-18 12:52:48 UTC
Red Hat Product Errata RHBA-2016:1500 normal SHIPPED_LIVE Red Hat Satellite 6.2 Base Libraries 2016-07-27 12:24:38 UTC

Description Peter Vreman 2015-10-05 12:06:35 UTC
Description of problem:
The API to query fact values always has an empty response because of lack of permissions with the Viewer role. Neither could the View-Host and Manager roles, so looks like that only the Administrator role can list the facts.

This behavior is a regression over Sat6.0, as the same user role and query 
works without issues on Sat6.0 and earlier Foreman 1.2 installations.


$ curl -s -uviewer:xxxx https://li-lc-1578.hag.hilti.com/api/v2/users/viewer | jq .roles
[
  {
    "id": 19,
    "name": "Anonymous"
  },
  {
    "id": 16,
    "name": "Viewer"
  }
]

$ curl -s -uviewer:xxxx https://li-lc-1578.hag.hilti.com//api/v2/hosts/li-lc-1443.hag.hilti.com/facts?per_page=9999 | jq .
{
  "results": {},
  "sort": {
    "order": null,
    "by": null
  },
  "search": " host = li-lc-1443.hag.hilti.com",
  "per_page": 9999,
  "page": 1,
  "subtotal": 0,
  "total": 0
}

2015-10-05 11:46:07 [I] Processing by Api::V2::FactValuesController#index as JSON
2015-10-05 11:46:07 [I]   Parameters: {"per_page"=>"9999", "apiv"=>"v2", "host_id"=>"li-lc-1443.hag.hilti.com"}
2015-10-05 11:46:07 [I] Authorized user viewer(viewer )
2015-10-05 11:46:07 [I]   Rendered api/v2/fact_values/index.json.rabl within api/v2/layouts/index_layout (3.0ms)
2015-10-05 11:46:07 [I] Completed 200 OK in 341ms (Views: 27.8ms | ActiveRecord: 47.8ms)





Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Query facts using a User with only the Viewer role
2.
3.

Actual results:
No facts returned

Expected results:
Facts returned

Additional info:

Comment 2 Peter Vreman 2015-10-05 14:27:01 UTC
Fix is available in Foreman 1.9 http://projects.theforeman.org/issues/9793

Comment 3 Bryan Kearney 2015-12-15 19:05:16 UTC
Upstream bug assigned to dlobatog@redhat.com

Comment 4 Bryan Kearney 2015-12-15 19:05:19 UTC
Upstream bug component is API

Comment 5 Bryan Kearney 2015-12-15 19:05:21 UTC
Moving to POST since upstream bug http://projects.theforeman.org/issues/9793 has been closed
-------------
Daniel Lobato Garcia
Applied in changeset commit:f0c7b9616ffe83a6e8aa0a0c5811c22d541daa1c.

Comment 6 jcallaha 2015-12-18 20:52:28 UTC
*** This bug is verified in upstream.  This fix should eventually land in future downstream builds ***
Version Tested:
# rpm -qa | grep foreman
tfm-rubygem-foreman_discovery-4.1.2-1.fm1_11.el7.noarch
tfm-rubygem-foreman_hooks-0.3.9-1.el7.noarch
foreman-debug-1.11.0-0.develop.201512111432git98f6ca5.el7.noarch
tfm-rubygem-hammer_cli_foreman_docker-0.0.3-4.el7.noarch
foreman-ovirt-1.11.0-0.develop.201512111432git98f6ca5.el7.noarch
foreman-postgresql-1.11.0-0.develop.201512111432git98f6ca5.el7.noarch
foreman-release-scl-1-1.el7.x86_64
foreman-vmware-1.11.0-0.develop.201512111432git98f6ca5.el7.noarch
tfm-rubygem-foreman_gutterball-0.0.1-3.el7.noarch
foreman-gce-1.11.0-0.develop.201512111432git98f6ca5.el7.noarch
dell-per300-01.rhts.eng.bos.redhat.com-foreman-proxy-client-1.0-1.noarch
foreman-release-1.11.0-0.develop.201512111432git98f6ca5.el7.noarch
tfm-rubygem-hammer_cli_foreman_tasks-0.0.8-1.el7.noarch
foreman-1.11.0-0.develop.201512111432git98f6ca5.el7.noarch
tfm-rubygem-foreman_docker-1.4.1-2.fm1_10.el7.noarch
foreman-libvirt-1.11.0-0.develop.201512111432git98f6ca5.el7.noarch
dell-per300-01.rhts.eng.bos.redhat.com-foreman-client-1.0-1.noarch
dell-per300-01.rhts.eng.bos.redhat.com-foreman-proxy-1.0-2.noarch
tfm-rubygem-hammer_cli_foreman-0.4.0-1.201512101420git81ec371.el7.noarch
foreman-compute-1.11.0-0.develop.201512111432git98f6ca5.el7.noarch
tfm-rubygem-foreman-tasks-0.7.6-1.fm1_10.el7.noarch
foreman-selinux-1.11.0-0.develop.201510071426git6234447.el7.noarch
tfm-rubygem-hammer_cli_foreman_bootdisk-0.1.3-3.el7.noarch
tfm-rubygem-foreman_bootdisk-6.0.0-2.fm1_10.el7.noarch
foreman-proxy-1.11.0-0.develop.201512101505git62c9e22.el7.noarch

Comment 8 Edu Alcaniz 2016-04-15 08:18:07 UTC
This issue persiste in Satellite 6.1.7

Comment 15 errata-xmlrpc 2016-07-27 08:56:53 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:1500


Note You need to log in before you can comment on or make changes to this bug.