Bug 1365567 - WebUI: Tag Visibility - Cloud volume gets displayed despite restriction
Summary: WebUI: Tag Visibility - Cloud volume gets displayed despite restriction
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Appliance
Version: 5.6.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: GA
: 5.7.0
Assignee: Šimon Lukašík
QA Contact: Ramesh A
URL:
Whiteboard: ui:tag:cloud:volume:rbac
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-08-09 14:47 UTC by Ramesh A
Modified: 2017-01-04 12:59 UTC (History)
8 users (show)

Fixed In Version: 5.7.0.0
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-01-04 12:59:24 UTC
Category: ---
Cloudforms Team: ---
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2017:0012 0 normal SHIPPED_LIVE CFME 5.7.0 bug fixes and enhancement update 2017-01-04 17:50:36 UTC

Description Ramesh A 2016-08-09 14:47:12 UTC 
Description of problem:
Cloud volume gets displayed despite restriction

Version-Release number of selected component (if applicable):
5.6.1.0.20160726144018_810a94f 

How reproducible:
Very

Steps to Reproduce:
1. Create a new role
2. Create a new group based out of the above role.  Assign a tag in "My Company Tags" under "Assign Filters" section 
2. Create a user and assign the above role
3. As admin, navigate to Compute ==> Cloud ==> Providers ==> Select a provider ==> Policy ==> Edit Tags ==> Assign the above used tag
4. Login as the newly created user, navigate to Compute ==> Cloud ==> Providers ==> Click on the displayed cloud provider
5. Click on Cloud volumes in the Relationships section

Actual results:
Displays the provider's volume

Expected results:
Should not display any provider volume as there is no access provided by tag visibility

Additional info:
Comment 2 Šimon Lukašík 2016-08-12 07:29:48 UTC 
https://github.com/ManageIQ/manageiq/pull/10427
Comment 3 CFME Bot 2016-08-22 22:10:58 UTC 
New commit detected on ManageIQ/manageiq/master:
https://github.com/ManageIQ/manageiq/commit/a762d026ab9d8fa644dcb538994e2d743eb14397

commit a762d026ab9d8fa644dcb538994e2d743eb14397
Author:     Šimon Lukašík <isimluk>
AuthorDate: Fri Aug 12 09:23:14 2016 +0200
Commit:     Šimon Lukašík <isimluk>
CommitDate: Fri Aug 12 09:23:16 2016 +0200

    Cloud volumes shall obey rbac
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1365567

 app/models/miq_expression.rb | 1 +
 lib/rbac/filterer.rb         | 1 +
 2 files changed, 2 insertions(+)
Comment 4 Ramesh A 2016-11-16 08:56:52 UTC 
Good to go. Verified and working fine in 5.7.0.11-rc1.20161115160629_46cf4f1.

5.7 version no longer has "Volumes" sub menu under Compute ==> Clouds section.  Also, Cloud provider details page does not have "Volumes" option under Relationship section both in details section (right hand side) and Relationship drop down (on the left hand side)
Comment 7 errata-xmlrpc 2017-01-04 12:59:24 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2017-0012.html
Note You need to log in before you can comment on or make changes to this bug.