Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be unavailable on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 1418269 - Missing common error templates (incl. missing permission)
Summary: Missing common error templates (incl. missing permission)
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: WebUI
Version: 6.2.7
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: 6.4.0
Assignee: Justin Sherrill
QA Contact: Roman Plevka
URL: http://projects.theforeman.org/issues...
Whiteboard:
: 1443817 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-02-01 12:22 UTC by Lukas Zapletal
Modified: 2020-06-11 13:15 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-10-16 19:05:32 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Foreman Issue Tracker 18338 0 Normal Closed Missing common error templates (incl. missing permission) 2021-02-19 12:22:45 UTC

Description Lukas Zapletal 2017-02-01 12:22:32 UTC
ello,

in the main application controller we redirect to common/4xx views but these are not present causing the Rails app to crash with generic 500:

[lzap@lzapx katello]$ ag common/40
app/controllers/katello/application_controller.rb
299:        format.html { render :template => "katello/common/403", :layout => !request.xhr?, :status => 403 }
313:        format.html { render :template => "katello/common/404", :layout => !request.xhr?, :status => 404 }
360:          render :template => 'katello/common/400', :layout => !request.xhr?, :status => status,
I experienced this with Satellite 6.2, if this is an easy fix, please file backport BZ, thanks.

2017-02-01 06:17:22 [app] [I] Started GET "/katello/403" for 10.40.204.143 at 2017-02-01 06:17:22 -0500
2017-02-01 06:17:22 [app] [I] Processing by Katello::ApplicationController#permission_denied as HTML
2017-02-01 06:17:22 [app] [I] Completed 500 Internal Server Error in 128ms
2017-02-01 06:17:22 [app] [F] 
 | ActionView::MissingTemplate (Missing template katello/common/403 with {:locale=>[:en], :formats=>[:html], :variants=>[], :handlers=>[:erb, :builder, :raw, :ruby, :rabl]}. Searched in:
 |   * "/usr/share/foreman/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_remote_execution-0.3.0.13/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-0.5.3.18/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_discovery-5.0.0.9/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/redhat_access-1.0.13/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.0.0.95/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman-tasks-0.7.14.11/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/bastion-3.2.0.10/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_bootdisk-6.1.0.3/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_docker-2.0.1.11/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_theme_satellite-0.1.38/app/views" 
 |   * "/opt/theforeman/tfm/root/usr/share/gems/gems/apipie-rails-0.3.6/app/views" 
 | ):
 |   katello (3.0.0.95) app/controllers/katello/application_controller.rb:290:in `block (2 levels) in render_403'
 |   katello (3.0.0.95) app/controllers/katello/application_controller.rb:289:in `render_403'
 |   app/controllers/application_controller.rb:61:in `deny_access'
 |   app/controllers/application_controller.rb:53:in `authorize'
 |   lib/middleware/catch_json_parse_errors.rb:9:in `call'
 | 

When implementing this and you decide not to use Foreman core error pages, please render missing permission for 403 errors, this is very important. Users struggle finding correct permissions and Foreman core 403 page already shows that. See #12754 for more details.

This is bastion issue, can't find correct component for it, set WebUI for now.

TRIAGE NOTES: Please backport, high impact (all customers trying to setup role permissions), low effort (we just need a missing template or redirect to foreman core template), improved SELF-HEALING capabilities, very important.

Comment 2 Marek Hulan 2017-04-28 10:57:56 UTC
*** Bug 1443817 has been marked as a duplicate of this bug. ***

Comment 3 pm-sat@redhat.com 2017-07-06 18:11:27 UTC
Upstream bug assigned to jsherril@redhat.com

Comment 5 pm-sat@redhat.com 2017-07-19 22:11:31 UTC
Moving this bug to POST for triage into Satellite 6 since the upstream issue http://projects.theforeman.org/issues/18338 has been resolved.

Comment 7 Roman Plevka 2018-09-14 09:08:07 UTC
VERIFIED
on sat6.4.0-21

the error pages now show properly
- tested on 403 and 404.

403:

2018-09-14T05:03:33 [I|app|] Started GET "/job_invocations/2" for 10.40.205.144 at 2018-09-14 05:03:33 -0400
2018-09-14T05:03:33 [I|app|c8de7] Processing by JobInvocationsController#show as HTML
2018-09-14T05:03:33 [I|app|c8de7]   Parameters: {"id"=>"2"}
2018-09-14T05:03:33 [I|app|c8de7] Current user: foo (regular user)
2018-09-14T05:03:33 [I|app|c8de7]   Rendering common/403.html.erb within layouts/application
...
2018-09-14T05:03:33 [I|app|c8de7]   Rendered layouts/base.html.erb (20.8ms)
2018-09-14T05:03:33 [I|app|c8de7] Filter chain halted as :authorize rendered or redirected
2018-09-14T05:03:33 [I|app|c8de7] Completed 403 Forbidden in 44ms (Views: 23.8ms | ActiveRecord: 4.5ms)

for 404:

2018-09-14T05:05:31 [I|app|] Started GET "/foreman_tasks/tasks/1" for 10.40.205.144 at 2018-09-14 05:05:31 -0400
2018-09-14T05:05:31 [I|app|2860f] Processing by ForemanTasks::TasksController#show as HTML
2018-09-14T05:05:31 [I|app|2860f]   Parameters: {"id"=>"1"}
2018-09-14T05:05:31 [I|app|2860f] Current user: foo (regular user)
2018-09-14T05:05:31 [I|app|2860f]   Rendering common/404.html.erb within layouts/application
2018-09-14T05:05:31 [I|app|2860f]   Rendered common/404.html.erb within layouts/application (3.2ms)
2018-09-14T05:05:31 [I|app|2860f]   Rendered layouts/_application_content.html.erb (1.3ms)
2018-09-14T05:05:31 [I|app|2860f]   Rendering layouts/base.html.erb
2018-09-14T05:05:31 [I|app|2860f]   Rendered layouts/base.html.erb (1.7ms)
2018-09-14T05:05:31 [I|app|2860f] Completed 404 Not Found in 30ms (Views: 9.0ms | ActiveRecord: 4.0ms)

Comment 8 Bryan Kearney 2018-10-16 19:05:32 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:2927


Note You need to log in before you can comment on or make changes to this bug.