Bug 1293791 - It's better to disable "Add to project" button if the user only has view permission for one project
It's better to disable "Add to project" button if the user only has view perm...
Product: OpenShift Origin
Classification: Red Hat
Component: Management Console (Show other bugs)
Unspecified Unspecified
medium Severity low
: ---
: ---
Assigned To: Jakub Hadvig
Depends On:
  Show dependency treegraph
Reported: 2015-12-23 00:43 EST by Wei Sun
Modified: 2016-09-19 09:54 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-09-19 09:54:42 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Wei Sun 2015-12-23 00:43:27 EST
Description of problem:
Add a user as viewer to the project,and login web console using viewer .Click the project,and click "Add to project" button to create an application.The viewer could not create any resource successfully.
But it's better to disable "Add to project" button,then the viewer will not try to create anything.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.Create a project and add a user as viewer to the project
2.Log in web console using viewer
3.Create an application using the project

Actual results:
The viewer could use the button "Add to project",but could not create anything successfully due to the permission

Expected results:
If the viewer doesn't have permission the the "Add to project" button should be disabled.

Additional info:
Comment 1 Jessica Forrester 2016-05-02 10:45:28 EDT
General story for this is in trello https://trello.com/c/UQEUgVrY
Comment 3 Jakub Hadvig 2016-07-12 07:47:53 EDT
This should be fixed by merged PR
Comment 4 XiaochuanWang 2016-07-13 02:59:59 EDT
Still reproduced on latest origin rhel7_4552
oc v1.3.0-alpha.2-1074-g69bd399
kubernetes v1.3.0-alpha.3-599-g2746284
Comment 5 Jakub Hadvig 2016-07-13 05:04:23 EDT
I've couldn't reproduce this issue. Please could you provide info on the steps you followed and what was the outcome ?
Also we are not disabling the 'Add to project' button, we are hiding it.
Comment 7 XiaochuanWang 2016-07-13 22:08:11 EDT
I still reproduced on today's ami devenv-rhel7_4552
Here comes my reproduced step http://pastebin.test.redhat.com/392210
Here are 2 "Add to Project" buttons and now one of them is hidden which is on top of the screen , but still show the other one in the middle of page, please see the screenshot from attachment. Thanks.
Comment 8 openshift-github-bot 2016-07-15 08:46:19 EDT
Commit pushed to master at https://github.com/openshift/origin-web-console

Bug 1293791 - Hide 'Add to project' button on overview if user cant create any resource
Comment 9 XiaochuanWang 2016-07-17 22:39:18 EDT
Tested on latest ami(devenv-rhel7_4607).

git log contains: commit 0090e0da6f622ca6ce216bc819bcdaeafe309ea1
Author: jhadvig <jhadvig@redhat.com>
Date:   Thu Jul 14 11:36:56 2016 +0200

    Bug 1293791 - Hide 'Add to project' button on overview if user cant create any resource

Still find button:
<a href="project/xiaocwan-t/create" ng-href="project/xiaocwan-t/create" class="btn btn-lg btn-primary">
Add to Project

There are Two add-to-project in original bug. The button on top of page is hidden but the other one in middle of page is still here since https://bugzilla.redhat.com/show_bug.cgi?id=1293791#c7 , please refer to the screenshot from attachment "Add-to-Project_button".

Comment 10 XiaochuanWang 2016-07-17 22:47:39 EDT
Steps to reproduce:
1. User1 create a project
2. User1 grand view role to user2: $oc policy add-role-to-user view user2 -n <user1-project>
3. User2 login, go to the project and check page on web console
Comment 11 XiaochuanWang 2016-07-19 23:01:22 EDT
Verified on latest origin
oc v1.3.0-alpha.2+6bfd721-dirty
openshift v1.3.0-alpha.2+6bfd721-dirty
kubernetes v1.3.0+57fb9ac

No "Add-to-Project" to show, used following message instead:
Welcome to project xiaocwan-t.
If you need to create resources in this project, a project administrator can grant you additional access by running this command:
oc policy add-role-to-user <role> xiaoviewer -n xiaocwan-t

Note You need to log in before you can comment on or make changes to this bug.