Hide Forgot
Description of problem: When using a user with restricted rights the lifecycle environments are not correctly displayed in the web ui Version-Release number of selected component (if applicable): 6.2.2 - 6.2.6 How reproducible: 100% Steps to Reproduce: 1. The role assigned to the user has the following permission set # hammer -u admin -p redhat role filters --id=22 ----|-------------------------|-----------------------------------------------------------------|------------|---------|--------------------------------------------------------------------------------- ID | RESOURCE TYPE | SEARCH | UNLIMITED? | ROLE | PERMISSIONS ----|-------------------------|-----------------------------------------------------------------|------------|---------|--------------------------------------------------------------------------------- 167 | Katello::Product | name ~ "Test_*" || name ~ "rhel7*" | no | Limited | view_products, create_products, edit_products, destroy_products, sync_product... 168 | Katello::System | host_collection ~ "Test_*_Dev" || host_collection ~ "Test_*_QA" | no | Limited | view_content_hosts, edit_content_hosts 169 | Katello::ContentView | name ~ "Test_*" || name ~ "rhel7*" | no | Limited | view_content_views, create_content_views, edit_content_views, destroy_content... 170 | Host | host_collection ~ "Test_*_Dev" || host_collection ~ "Test_*_QA" | no | Limited | view_hosts, edit_hosts 171 | Katello::HostCollection | name ~ "Test_*_Dev" || name ~ "Test_*_QA" | no | Limited | view_host_collections, edit_host_collections 172 | JobInvocation | none | yes | Limited | create_job_invocations, view_job_invocations 173 | Katello::KTEnvironment | name ~ Dev || name ~ QA | no | Limited | view_lifecycle_environments, edit_lifecycle_environments, promote_or_remove_c... 174 | Katello::ActivationKey | name ~ ak_test | no | Limited | view_activation_keys, create_activation_keys, edit_activation_keys, destroy_a... 176 | Organization | none | yes | Limited | view_organizations, assign_organizations, view_subscriptions, attach_subscrip... ----|-------------------------|-----------------------------------------------------------------|------------|---------|--------------------------------------------------------------------------------- 2. Show all the environments with hammer # hammer -u admin -p redhat lifecycle-environment list --organization ACME ---|---------|-------- ID | NAME | PRIOR ---|---------|-------- 3 | test2 | Library 2 | test | Library 5 | qa2 | test2 4 | qa1 | test 7 | QA | Library 1 | Library | 6 | Dev | Library ---|---------|-------- 3. Verify the restriction with hammer # hammer -u limited -p redhat lifecycle-environment list --organization ACME ---|------|-------- ID | NAME | PRIOR ---|------|-------- 5 | qa2 | test2 4 | qa1 | test 7 | QA | Library 6 | Dev | Library ---|------|-------- 4. Login to the web ui as the limited user and navigate to the lifecycle environments page Actual results: The title bars for each of the lifecycle environment tables have been suppressed but the actual counts of Content Views and Content Hosts are still visible. Expected results: The lifecycle environments that the user is authorized to see are shown and all others are suppressed. Additional info:
Created redmine issue http://projects.theforeman.org/issues/18034 from this bug
This was delivered in Snap1
Verified on 6.2.9 snap 9 The entire columns are hidden of non-visible environments.
Hi - Which satellite release we are targeting this fix? Thanks.
Hello Amit, This fix for this one is currently targeted for Satellite 6.3. Thanks.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. > > > > For information on the advisory, and where to find the updated files, follow the link below. > > > > If the solution does not work for you, open a new bug report. > > > > https://access.redhat.com/errata/RHSA-2018:0336