1386736 – Groups unable to view workloads/hosts in OpenStack

Bug 1386736 - Groups unable to view workloads/hosts in OpenStack

Summary: Groups unable to view workloads/hosts in OpenStack

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat CloudForms Management Engine
Classification:	Red Hat
Component:	Appliance
Sub Component:
Version:	5.6.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	unspecified
Target Milestone:	GA
Target Release:	5.8.0
Assignee:	Libor Pichler
QA Contact:	Pavol Kotvan
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1395307
TreeView+	depends on / blocked

Reported:	2016-10-19 14:28 UTC by Krain Arnold
Modified:	2017-06-12 16:26 UTC (History)
CC List:	10 users (show)
Fixed In Version:	5.8.0.0
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Clones:	1395307 (view as bug list)
Environment:
Last Closed:	2017-06-12 16:26:48 UTC
Category:	---
Cloudforms Team:	Openstack
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
provider screenshot showing instance count (155.54 KB, image/png) 2016-10-19 14:30 UTC, Krain Arnold	no flags	Details
screenshot showing no visibility on instances (119.98 KB, image/png) 2016-10-19 14:31 UTC, Krain Arnold	no flags	Details
View All

Description Krain Arnold 2016-10-19 14:28:37 UTC

Description of problem:
A tenant/group with visibility of an OpenStack environment are unable to view workloads in that environment, although they can view the number of workloads at the provider level.

Version-Release number of selected component (if applicable):
5.6.0.13.20160624114606_13a9153

How reproducible:
100%

Steps to Reproduce:
1. Create a user that maps to a group with a Role that has no VM & Template Access Restriction
2. under the group configuration, go to Hosts/Nodes&Clusters/Deployment Roles and select only the OSP items. (these can not be expanded for further granularity as with VmWare, only the top level box can be selected)
3.Change ownership of all existing workloads in the OSP provider to the new group.
4. Log in as the new user, select the provider, observe the number of workloads on the provider under "relationships" (see screenshot) and click it to view the workloads.

Actual results:
met with a screen that says: * You are not authorized to view other 17 Instances on this Cloud Providers (see screenshot)

Expected results:
The user should see the instances.

Additional info:
The hosts in the undercloud are likewise visible at the provider level (e.g. I can see the number) but when I click through the page reports: "* You are not authorized to view other 7 Hosts on this Infrastructure Providers"

Comment 2 Krain Arnold 2016-10-19 14:30:36 UTC

Created attachment 1212172 [details]
provider screenshot showing instance count

Comment 3 Krain Arnold 2016-10-19 14:31:31 UTC

Created attachment 1212173 [details]
screenshot showing no visibility on instances

Comment 8 CFME Bot 2016-11-15 15:31:35 UTC

New commit detected on ManageIQ/manageiq/euwe:
https://github.com/ManageIQ/manageiq/commit/8c2bd2fd5a990f85149f7ac56bebeaa6ecb5a559

commit 8c2bd2fd5a990f85149f7ac56bebeaa6ecb5a559
Author:     Gregg Tanzillo <gtanzill>
AuthorDate: Mon Nov 14 16:29:55 2016 -0500
Commit:     Oleg Barenboim <chessbyte>
CommitDate: Tue Nov 15 10:28:30 2016 -0500

    Merge pull request #12493 from lpichler/list_vms_when_filter_for_provider_is_selected
    
    List vms or templates when filter for provider is selected
    (cherry picked from commit 5f31cba8670907e7ca7964dee6498b01a45599d9)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1386736

 lib/rbac/filterer.rb           |  2 +-
 spec/lib/rbac/filterer_spec.rb | 21 +++++++++++++++++++++
 2 files changed, 22 insertions(+), 1 deletion(-)

Note You need to log in before you can comment on or make changes to this bug.