1272990 – RBAC:unable to login when the user have access to only container feature

Bug 1272990 - RBAC:unable to login when the user have access to only container feature

Summary: RBAC:unable to login when the user have access to only container feature

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat CloudForms Management Engine
Classification:	Red Hat
Component:	UI - OPS
Sub Component:
Version:	5.5.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	GA
Target Release:	5.5.0
Assignee:	Harpreet Kataria
QA Contact:	Aziza Karol
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-10-19 11:31 UTC by Aziza Karol
Modified:	2015-12-08 13:36 UTC (History)
CC List:	5 users (show)
Fixed In Version:	5.5.0.8
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-12-08 13:36:25 UTC
Category:	---
Cloudforms Team:	---
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
login failed (44.72 KB, image/png) 2015-10-19 11:31 UTC, Aziza Karol	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2015:2551	0	normal	SHIPPED_LIVE	Moderate: CFME 5.5.0 bug fixes and enhancement update	2015-12-08 17:58:09 UTC

Description Aziza Karol 2015-10-19 11:31:01 UTC

Created attachment 1084364 [details]
login failed

Description of problem:


Version-Release number of selected component (if applicable):
5.5.0.6

How reproducible:
100%

Steps to Reproduce:
1.create a role having access to only container feature
2.create a group with the above role
3.create user using the above group
4.Try login

Actual results:
user is unable to login.see attached screenshot.
when the user tries to relogin error is thrown in production log

Expected results:


Additional info:

production.log
[----] I, [2015-10-19T06:57:21.644539 #2937:afb98c]  INFO -- : Started POST "/dashboard/authenticate?button=login&method=post" for 127.0.0.1 at 2015-10-19 06:57:21 -0400
[----] I, [2015-10-19T06:57:21.645931 #2937:afb98c]  INFO -- : Processing by DashboardController#authenticate as JS
[----] I, [2015-10-19T06:57:21.646027 #2937:afb98c]  INFO -- :   Parameters: {"user_name"=>"container", "user_password"=>"[FILTERED]", "browser_name"=>"Firefox", "browser_version"=>"30", "browser_os"=>"Linux", "user_TZO"=>"5.5", "button"=>"login", "method"=>"post"}
[----] I, [2015-10-19T06:57:21.839459 #2937:afb98c]  INFO -- :   Rendered layouts/_flash_msg.html.haml (0.2ms)
[----] I, [2015-10-19T06:57:21.840670 #2937:afb98c]  INFO -- : Completed 200 OK in 194ms (Views: 1.4ms | ActiveRecord: 40.5ms)

[----] I, [2015-10-19T06:58:10.000613 #2937:afb98c]  INFO -- : Started POST "/dashboard/authenticate?button=login&method=post" for 127.0.0.1 at 2015-10-19 06:58:10 -0400
[----] I, [2015-10-19T06:58:10.001908 #2937:afb98c]  INFO -- : Processing by DashboardController#authenticate as JS
[----] I, [2015-10-19T06:58:10.002013 #2937:afb98c]  INFO -- :   Parameters: {"user_name"=>"container", "user_password"=>"[FILTERED]", "browser_name"=>"Firefox", "browser_version"=>"30", "browser_os"=>"Linux", "user_TZO"=>"5.5", "button"=>"login", "method"=>"post"}
[----] W, [2015-10-19T06:58:10.003070 #2937:afb98c]  WARN -- : Can't verify CSRF token authenticity
[----] F, [2015-10-19T06:58:10.003422 #2937:afb98c] FATAL -- : Error caught: [ActionController::InvalidAuthenticityToken] ActionController::InvalidAuthenticityToken
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_controller/metal/request_forgery_protection.rb:181:in `handle_unverified_request'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_controller/metal/request_forgery_protection.rb:209:in `handle_unverified_request'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_controller/metal/request_forgery_protection.rb:204:in `verify_authenticity_token'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/callbacks.rb:432:in `block in make_lambda'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/callbacks.rb:145:in `call'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/callbacks.rb:145:in `block in halting_and_conditional'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/callbacks.rb:504:in `call'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/callbacks.rb:504:in `block in call'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/callbacks.rb:504:in `each'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/callbacks.rb:504:in `call'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/callbacks.rb:92:in `__run_callbacks__'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/callbacks.rb:778:in `_run_process_action_callbacks'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/callbacks.rb:81:in `run_callbacks'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/abstract_controller/callbacks.rb:19:in `process_action'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_controller/metal/rescue.rb:29:in `process_action'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_controller/metal/instrumentation.rb:32:in `block in process_action'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/notifications.rb:164:in `block in instrument'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/notifications/instrumenter.rb:20:in `instrument'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/notifications.rb:164:in `instrument'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_controller/metal/instrumentation.rb:30:in `process_action'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
/opt/rh/cfme-gemset/gems/activerecord-4.2.4/lib/active_record/railties/controller_runtime.rb:18:in `process_action'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/abstract_controller/base.rb:137:in `process'
/opt/rh/cfme-gemset/gems/actionview-4.2.4/lib/action_view/rendering.rb:30:in `process'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_controller/metal.rb:196:in `dispatch'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_controller/metal.rb:237:in `block in action'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/routing/route_set.rb:76:in `call'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/routing/route_set.rb:76:in `dispatch'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/routing/route_set.rb:45:in `serve'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/journey/router.rb:43:in `block in serve'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/journey/router.rb:30:in `each'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/journey/router.rb:30:in `serve'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/routing/route_set.rb:821:in `call'
/opt/rh/cfme-gemset/gems/rack-1.6.4/lib/rack/etag.rb:24:in `call'
/opt/rh/cfme-gemset/gems/rack-1.6.4/lib/rack/conditionalget.rb:38:in `call'
/opt/rh/cfme-gemset/gems/rack-1.6.4/lib/rack/head.rb:13:in `call'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/middleware/params_parser.rb:27:in `call'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/middleware/flash.rb:260:in `call'
/opt/rh/cfme-gemset/gems/rack-1.6.4/lib/rack/session/abstract/id.rb:225:in `context'
/opt/rh/cfme-gemset/gems/rack-1.6.4/lib/rack/session/abstract/id.rb:220:in `call'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/middleware/cookies.rb:560:in `call'
/opt/rh/cfme-gemset/gems/activerecord-4.2.4/lib/active_record/query_cache.rb:36:in `call'
/opt/rh/cfme-gemset/gems/activerecord-4.2.4/lib/active_record/connection_adapters/abstract/connection_pool.rb:653:in `call'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/callbacks.rb:88:in `__run_callbacks__'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/callbacks.rb:778:in `_run_call_callbacks'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/callbacks.rb:81:in `run_callbacks'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/middleware/callbacks.rb:27:in `call'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/middleware/remote_ip.rb:78:in `call'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
/opt/rh/cfme-gemset/gems/railties-4.2.4/lib/rails/rack/logger.rb:38:in `call_app'
/opt/rh/cfme-gemset/gems/railties-4.2.4/lib/rails/rack/logger.rb:22:in `call'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/middleware/request_id.rb:21:in `call'
/opt/rh/cfme-gemset/gems/rack-1.6.4/lib/rack/methodoverride.rb:22:in `call'
/opt/rh/cfme-gemset/gems/rack-1.6.4/lib/rack/runtime.rb:18:in `call'
/opt/rh/cfme-gemset/gems/activesupport-4.2.4/lib/active_support/cache/strategy/local_cache_middleware.rb:28:in `call'
/opt/rh/cfme-gemset/gems/rack-1.6.4/lib/rack/lock.rb:17:in `call'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/middleware/static.rb:116:in `call'
/opt/rh/cfme-gemset/gems/actionpack-4.2.4/lib/action_dispatch/middleware/static.rb:116:in `call'
/opt/rh/cfme-gemset/gems/rack-1.6.4/lib/rack/sendfile.rb:113:in `call'
/opt/rh/cfme-gemset/gems/railties-4.2.4/lib/rails/engine.rb:518:in `call'
/opt/rh/cfme-gemset/gems/railties-4.2.4/lib/rails/application.rb:165:in `call'
/opt/rh/cfme-gemset/gems/rack-1.6.4/lib/rack/content_length.rb:15:in `call'
/opt/rh/rh-ruby22/root/usr/share/gems/gems/thin-1.6.3/lib/thin/connection.rb:86:in `block in pre_process'
/opt/rh/rh-ruby22/root/usr/share/gems/gems/thin-1.6.3/lib/thin/connection.rb:84:in `catch'
/opt/rh/rh-ruby22/root/usr/share/gems/gems/thin-1.6.3/lib/thin/connection.rb:84:in `pre_process'
/opt/rh/rh-ruby22/root/usr/share/gems/gems/thin-1.6.3/lib/thin/connection.rb:53:in `process'
/opt/rh/rh-ruby22/root/usr/share/gems/gems/thin-1.6.3/lib/thin/connection.rb:39:in `receive_data'
/opt/rh/rh-ruby22/root/usr/share/gems/gems/eventmachine-1.0.7/lib/eventmachine.rb:187:in `run_machine'
/opt/rh/rh-ruby22/root/usr/share/gems/gems/eventmachine-1.0.7/lib/eventmachine.rb:187:in `run'
/opt/rh/rh-ruby22/root/usr/share/gems/gems/thin-1.6.3/lib/thin/backends/base.rb:73:in `start'
/opt/rh/rh-ruby22/root/usr/share/gems/gems/thin-1.6.3/lib/thin/server.rb:162:in `start'
/opt/rh/cfme-gemset/gems/rack-1.6.4/lib/rack/handler/thin.rb:19:in `run'
/opt/rh/cfme-gemset/gems/rack-1.6.4/lib/rack/server.rb:286:in `start'
/opt/rh/cfme-gemset/gems/railties-4.2.4/lib/rails/commands/server.rb:80:in `start'
/opt/rh/cfme-gemset/gems/railties-4.2.4/lib/rails/commands/commands_tasks.rb:80:in `block in server'
/opt/rh/cfme-gemset/gems/railties-4.2.4/lib/rails/commands/commands_tasks.rb:75:in `tap'
/opt/rh/cfme-gemset/gems/railties-4.2.4/lib/rails/commands/commands_tasks.rb:75:in `server'
/opt/rh/cfme-gemset/gems/railties-4.2.4/lib/rails/commands/commands_tasks.rb:39:in `run_command!'
/opt/rh/cfme-gemset/gems/railties-4.2.4/lib/rails/commands.rb:17:in `<top (required)>'
/var/www/miq/vmdb/bin/rails:4:in `require'
/var/www/miq/vmdb/bin/rails:4:in `<main>'
[----] I, [2015-10-19T06:58:10.004346 #2937:afb98c]  INFO -- :   Rendered layouts/_exception_contents.html.haml (0.2ms)

Comment 3 Aziza Karol 2015-11-12 05:23:55 UTC

Able to login when the user have access to only container feature.

Verified:
5.5.0.10-beta2.1.20151110134042_d6f5459

Comment 5 errata-xmlrpc 2015-12-08 13:36:25 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2015:2551

Note You need to log in before you can comment on or make changes to this bug.