Bug 1309737 - Filter chain halted as :check_privileges rendered or redirected
Filter chain halted as :check_privileges rendered or redirected
Status: CLOSED ERRATA
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: UI - OPS (Show other bugs)
5.5.0
All All
high Severity high
: GA
: 5.5.3
Assigned To: Harpreet Kataria
Dmitry Misharov
: ZStream
Depends On: 1309473
Blocks:
  Show dependency treegraph
 
Reported: 2016-02-18 10:11 EST by Chris Pelland
Modified: 2016-04-13 14:44 EDT (History)
10 users (show)

See Also:
Fixed In Version: 5.5.3.2
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1309473
Environment:
Last Closed: 2016-04-13 14:44:28 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Screenshot showing product features for self-service user (199.59 KB, image/png)
2016-03-30 12:50 EDT, Harpreet Kataria
no flags Details

  None (edit)
Comment 2 CFME Bot 2016-02-26 10:45:40 EST
New commit detected on ManageIQ/manageiq/master:
https://github.com/ManageIQ/manageiq/commit/2352bb7936957ac5566e8c0d08cef6e41326c6ea

commit 2352bb7936957ac5566e8c0d08cef6e41326c6ea
Author:     Harpreet Kataria <hkataria@redhat.com>
AuthorDate: Mon Feb 22 14:21:54 2016 -0500
Commit:     Harpreet Kataria <hkataria@redhat.com>
CommitDate: Mon Feb 22 15:03:59 2016 -0500

    Redirect user to appropriate screen when rbac access is not allowed.
    
    When clicking on a link to go to a VM summary screen from dashboard widgets redirect user to Workloads explorer when user is not allowed to see Infrastructure/Virtual Machines or Cloud/Instances explorer based upon record type. Redirect user back to Dashboard with a flash message when user does not have access to any of the VM accordions in VM* explorers.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1309473
    https://bugzilla.redhat.com/show_bug.cgi?id=1309737

 app/controllers/vm_common.rb       | 28 ++++++++++++++++++++++++++--
 app/views/dashboard/show.html.haml |  1 +
 spec/controllers/vm_common_spec.rb | 36 ++++++++++++++++++++++++++++++++++++
 3 files changed, 63 insertions(+), 2 deletions(-)
Comment 4 CFME Bot 2016-02-29 09:41:08 EST
New commit detected on cfme/5.5.z:
https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=1b19cfa424671588590eef59b43825c82e243634

commit 1b19cfa424671588590eef59b43825c82e243634
Merge: f91c73d 1659678
Author:     Dan Clarizio <dclarizi@redhat.com>
AuthorDate: Mon Feb 29 09:37:43 2016 -0500
Commit:     Dan Clarizio <dclarizi@redhat.com>
CommitDate: Mon Feb 29 09:37:43 2016 -0500

    Merge branch '55z_pr_6864' into '5.5.z'
    
    Redirect user to appropriate screen when rbac access is not allowed.
    
    When clicking on a link to go to a VM summary screen from dashboard widgets redirect user to Workloads explorer when user is not allowed to see Infrastructure/Virtual Machines or Cloud/Instances explorer based upon record type. Redirect user back to Dashboard with a flash message when user does not have access to any of the VM accordions in VM* explorers.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1309473
    https://bugzilla.redhat.com/show_bug.cgi?id=1309737
    (cherry picked from commit 2352bb7)
    
    @dclarizi please review/merge, this is clean cherry-pick for https://github.com/ManageIQ/manageiq/pull/6864
    
    See merge request !822

 app/controllers/vm_common.rb       | 28 ++++++++++++++++++++++++++--
 app/views/dashboard/show.html.haml |  1 +
 spec/controllers/vm_common_spec.rb | 29 +++++++++++++++++++++++++++++
 3 files changed, 56 insertions(+), 2 deletions(-)
Comment 5 CFME Bot 2016-02-29 09:41:21 EST
New commit detected on cfme/5.5.z:
https://code.engineering.redhat.com/gerrit/gitweb?p=cfme.git;a=commitdiff;h=1659678441549b179e4f47dee6b2901d0d1857ef

commit 1659678441549b179e4f47dee6b2901d0d1857ef
Author:     Harpreet Kataria <hkataria@redhat.com>
AuthorDate: Mon Feb 22 14:21:54 2016 -0500
Commit:     Harpreet Kataria <hkataria@redhat.com>
CommitDate: Fri Feb 26 19:00:08 2016 -0500

    Redirect user to appropriate screen when rbac access is not allowed.
    
    When clicking on a link to go to a VM summary screen from dashboard widgets redirect user to Workloads explorer when user is not allowed to see Infrastructure/Virtual Machines or Cloud/Instances explorer based upon record type. Redirect user back to Dashboard with a flash message when user does not have access to any of the VM accordions in VM* explorers.
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1309473
    https://bugzilla.redhat.com/show_bug.cgi?id=1309737
    (cherry picked from commit 2352bb7)

 app/controllers/vm_common.rb       | 28 ++++++++++++++++++++++++++--
 app/views/dashboard/show.html.haml |  1 +
 spec/controllers/vm_common_spec.rb | 29 +++++++++++++++++++++++++++++
 3 files changed, 56 insertions(+), 2 deletions(-)
Comment 8 Dmitry Misharov 2016-03-29 10:12:24 EDT
I was unable to verify this bug. Tested on 5.5.3.2.20160318152106_92d2d67 and 5.6.0.0-pre-nightly.20160321091612_a8eb2ed. My steps to reproduce:
1. Added an infrastructure provider.
2. Created a "self-service" Role with only enabled Dashboard and Workloads feature, VM & Template Access Restriction is None.
3. Created a "self-service" Group with "self-service"
4. Created a user with "self-service" Group
5. Logined as just created user.
6. Tried to click on any VM in widget "EVM: Recently Discovered VMs"
Actual results:
The same error is thrown as in original bug screenshot.
Comment 9 Harpreet Kataria 2016-03-30 12:48:00 EDT
Dmitry,

Can you attach a screenshot of features that are allowed for the role that you are login as. Does the role have access to see a VM summary screen, under "Access Rules for all Virtual Machines". Let me know if i can access your appliance to recreate the issue.

Thanks,
~Harpreet
Comment 10 Harpreet Kataria 2016-03-30 12:50 EDT
Created attachment 1141864 [details]
Screenshot showing product features for self-service user
Comment 11 Dmitry Misharov 2016-03-31 02:17:26 EDT
After enabling access to see a VM summary screen, under "Access Rules for all Virtual Machines", I was able to verify this bug in 5.5.3.2.20160318152106_92d2d67. Thanks Harpreet.
Comment 13 errata-xmlrpc 2016-04-13 14:44:28 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2016:0616

Note You need to log in before you can comment on or make changes to this bug.