Description of problem: The backend API shows users as authenticated and authorized, when they potentially shouldn't be and the SSUI team works around it. See bug: https://bugzilla.redhat.com/show_bug.cgi?id=1443800#c5 Version-Release number of selected component (if applicable): 5.8.0 How reproducible: Steps to Reproduce: 1.Configure External Auth 2.Try to log in to SSUI with a user with invalid perms. 3. Actual results: evm.log shows user as authorized Expected results: User shouldn't be authorized. Additional info: SSUI doesn't handle groups well which makes this problem hard to reproduce. https://bugzilla.redhat.com/show_bug.cgi?id=1451891 https://bugzilla.redhat.com/show_bug.cgi?id=1452320 https://bugzilla.redhat.com/show_bug.cgi?id=1421878 https://bugzilla.redhat.com/show_bug.cgi?id=1437682
*** This bug has been marked as a duplicate of bug 1391690 ***
I'm not sure it's a duplicate, related but not necessarily a duplicate. BZ 1391690 says the logging is wrong. This bug is to address the fact that the API doesn't authorize correctly. Now maybe BZ1391690 needs more wording to reflect it's not a error in what we write to the logs.
Per discussion with gtanzillo, this bug is still valid. It's to fix the issue where the API doesn't authorize properly. Where bug BZ1391690 is to fix incorrect logging.
Chris, Can someone from SSUI add info about what they debugged with the API not working in bug https://bugzilla.redhat.com/show_bug.cgi?id=1443800 Alberto needs more info.
Allen - looks like you did the original fix for this, could you please provide the info for Matt?
I wouldn't call it a fix... alls i did was say if the only product feature a user has is to see the sui dashboard they aren't logged in... even if the credentials are correct (as was requested by the powers that be) https://github.com/ManageIQ/manageiq-ui-self_service/commit/e93af55ec6b01e815dbd54d75c240754c83a0009
When you reproduce this Matt please provide the api log.
and a dump of the database
There has been no activity on the NEEDINFO request for this BZ for months. Additionally the SUI has been updated with new product features that change how it works. I'm going to close this as WILLNOTFIX If this issue or anything similar is still observed please open a new BZ.
clearing the needs info.