Bug 1292157 - Deletion of tenant is allowed when group exists with such tenant assigned
Summary: Deletion of tenant is allowed when group exists with such tenant assigned
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: UI - OPS
Version: 5.5.0
Hardware: Unspecified
OS: Unspecified
medium
high
Target Milestone: GA
: 5.6.0
Assignee: Milan Zázrivec
QA Contact: Pavol Kotvan
URL:
Whiteboard: tenant_cfme:ui
Depends On:
Blocks: 1292469 1292494
TreeView+ depends on / blocked
 
Reported: 2015-12-16 15:26 UTC by Pavol Kotvan
Modified: 2016-06-29 15:21 UTC (History)
8 users (show)

Fixed In Version: 5.6.0.0
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1292469 1292494 (view as bug list)
Environment:
Last Closed: 2016-06-29 15:21:47 UTC
Category: Bug
Cloudforms Team: ---
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2016:1348 0 normal SHIPPED_LIVE CFME 5.6.0 bug fixes and enhancement update 2016-06-29 18:50:04 UTC

Description Pavol Kotvan 2015-12-16 15:26:53 UTC 
Description of problem:
Deletion of tenant is allowed when there is group with this tenant assigned. This will cause that group will loose tenant membership. This is e.g. breaking Automate-Explorer.

Version-Release number of selected component (if applicable):
5.5.0.13

How reproducible:
always

Steps to Reproduce:
1. Create tenant1
2. Create new group called tenant1, assign super administrator role to it and tenant1 tenant
3. Create new user tenant1 and assign him into tenant1 group
4. Login as tenant1 
5. navigate to Automate -> Explorer

Actual results:
You will see this message on the screen:
We're sorry, but something went wrong.
We've been notified about this issue and we'll take a look at it shortly.

When you navigate to tenant1 group, there is no tenant assigned to this group, which is mandatory when creating new group.

In order to fix this, login as super administrator of My Company tenant and assign tenant to tenant1 group.

Also noticed that user which is not member of any tenant can login into CFME.

Expected results:
Tenant/child tenant/project cannot be deleted if there is group which is relying on this tenant/project.
This check should be implemented also for all child tenants.
Similar check is done when you try delete group which has members in it.

Additional info:
Comment 1 Milan Zázrivec 2016-01-06 13:56:22 UTC 
https://github.com/ManageIQ/manageiq/pull/6061
Comment 2 CFME Bot 2016-01-06 14:26:03 UTC 
Detected commit referencing this ticket while ticket status is POST.
Comment 3 John Prause 2016-01-06 14:39:14 UTC 
Milan: When this Pull Request has been merged, then move back to Post.

https://github.com/ManageIQ/manageiq/pull/6061
Comment 4 CFME Bot 2016-01-06 17:36:07 UTC 
New commit detected on ManageIQ/manageiq/master:
https://github.com/ManageIQ/manageiq/commit/23981a52d869b215c53cb877e6a902d207a24192

commit 23981a52d869b215c53cb877e6a902d207a24192
Author:     Milan Zazrivec <mzazrivec>
AuthorDate: Wed Jan 6 14:18:05 2016 +0100
Commit:     Milan Zazrivec <mzazrivec>
CommitDate: Wed Jan 6 16:13:18 2016 +0100

    Don't delete tenant with groups associated
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1292157

 app/models/tenant.rb       | 5 +++++
 spec/models/tenant_spec.rb | 8 ++++++++
 2 files changed, 13 insertions(+)
Comment 5 CFME Bot 2016-01-08 09:47:25 UTC 
https://github.com/ManageIQ/manageiq/pull/6062
Comment 6 CFME Bot 2016-01-08 09:47:29 UTC 
Detected commit referencing this ticket while ticket status is MODIFIED.
Comment 9 errata-xmlrpc 2016-06-29 15:21:47 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:1348
Note You need to log in before you can comment on or make changes to this bug.