Description of problem: Cloud volume gets displayed despite restriction Version-Release number of selected component (if applicable): 5.6.1.0.20160726144018_810a94f How reproducible: Very Steps to Reproduce: 1. Create a new role 2. Create a new group based out of the above role. Assign a tag in "My Company Tags" under "Assign Filters" section 2. Create a user and assign the above role 3. As admin, navigate to Compute ==> Cloud ==> Providers ==> Select a provider ==> Policy ==> Edit Tags ==> Assign the above used tag 4. Login as the newly created user, navigate to Compute ==> Cloud ==> Providers ==> Click on the displayed cloud provider 5. Click on Cloud volumes in the Relationships section Actual results: Displays the provider's volume Expected results: Should not display any provider volume as there is no access provided by tag visibility Additional info:
https://github.com/ManageIQ/manageiq/pull/10427
New commit detected on ManageIQ/manageiq/master: https://github.com/ManageIQ/manageiq/commit/a762d026ab9d8fa644dcb538994e2d743eb14397 commit a762d026ab9d8fa644dcb538994e2d743eb14397 Author: Šimon Lukašík <isimluk> AuthorDate: Fri Aug 12 09:23:14 2016 +0200 Commit: Šimon Lukašík <isimluk> CommitDate: Fri Aug 12 09:23:16 2016 +0200 Cloud volumes shall obey rbac https://bugzilla.redhat.com/show_bug.cgi?id=1365567 app/models/miq_expression.rb | 1 + lib/rbac/filterer.rb | 1 + 2 files changed, 2 insertions(+)
Good to go. Verified and working fine in 5.7.0.11-rc1.20161115160629_46cf4f1. 5.7 version no longer has "Volumes" sub menu under Compute ==> Clouds section. Also, Cloud provider details page does not have "Volumes" option under Relationship section both in details section (right hand side) and Relationship drop down (on the left hand side)
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2017-0012.html