Bug 1462269 - Empty page on Cloud Volume page
Summary: Empty page on Cloud Volume page
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Storage
Version: 5.7.0
Hardware: Unspecified
OS: Unspecified
medium
urgent
Target Milestone: GA
: 5.10.0
Assignee: Sam Lucidi
QA Contact: Ido Ovadia
URL:
Whiteboard: openstack
: 1533057 (view as bug list)
Depends On:
Blocks: 1530716 1530717
TreeView+ depends on / blocked
 
Reported: 2017-06-16 14:47 UTC by Oleksandr Kolisnyk
Modified: 2021-12-10 15:05 UTC (History)
14 users (show)

Fixed In Version: 5.10.0.0
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1530716 1530717 (view as bug list)
Environment:
Last Closed: 2019-02-11 13:54:07 UTC
Category: ---
Cloudforms Team: Openstack
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
page screen (60.76 KB, image/png)
2017-06-16 14:47 UTC, Oleksandr Kolisnyk 		no flags Details
cloud volume role features for role Eqnx-Clientes (24.33 KB, image/png)
2017-11-23 15:47 UTC, myoder 		no flags Details
compute infra role settings (22.11 KB, image/png)
2017-11-24 15:54 UTC, myoder 		no flags Details
View All

Description Oleksandr Kolisnyk 2017-06-16 14:47:33 UTC 
Created attachment 1288386 [details]
page screen

Description of problem:
Cloud volume page shows no info

Version-Release number of selected component (if applicable):
5.7.3.1 and RHOS 10

How reproducible:
Always

Steps to Reproduce:
1. Go Storage -> Volumes
2. Click on and existing volume

Actual results:
Volume page shows no info (attach)

Expected results:
Appropriate info is displayed

Additional info:
Comment 2 Oleksandr Kolisnyk 2017-06-16 14:55:58 UTC 
UPD. 'Detach volume from instance' is empty too, I think it is the same as in a topic

Steps:
1. Open any volume page
2. Click Configuration -> Detach this Cloud Volume from an Instance

As result - empty page
Comment 3 Scott Seago 2017-11-16 16:36:58 UTC 
I can't reproduce this on either 5.7 or on master -- is this still happening?
Comment 4 Jerry Keselman 2017-11-21 17:07:23 UTC 
I cannot reproduce this either.  Please let us know if this is still happening for you.  Thanks!
Comment 7 myoder 2017-11-23 15:47:23 UTC 
Created attachment 1358265 [details]
cloud volume role features for role Eqnx-Clientes
Comment 9 myoder 2017-11-24 15:54:12 UTC 
Created attachment 1358691 [details]
compute infra role settings
Comment 24 CFME Bot 2017-12-20 20:05:19 UTC 
https://github.com/ManageIQ/manageiq-api/pull/254
Comment 25 Tim Wade 2017-12-20 20:16:29 UTC 
Just to answer the NEEDINFO, I believe the issue was that read access for individual cloud volumes required more privileges than necessary. I've made a PR above to address this.
Comment 26 Sam Lucidi 2017-12-20 20:38:33 UTC 
It looks like the other half of this issue is related to the 'providers' api endpoint. The cloud volume form calls to it to request a list of providers/managers with storage capabilities, but fails if the user doesn't have ems_infra permissions. 

Looking at https://github.com/imtayadeway/manageiq-api/blob/cebbdc102cd87d0d5120ca35c8571132f7e530eb/config/api.yml#L1856 it appears that the providers endpoint uses all ems_infra related roles. I'm not sure if the issue is that the required permissions are incorrect, if it's the wrong endpoint to use to list storage managers on this form, or if it's just misaligned expectations.
Comment 27 CFME Bot 2017-12-20 22:05:29 UTC 
New commit detected on ManageIQ/manageiq-api/master:
https://github.com/ManageIQ/manageiq-api/commit/cebbdc102cd87d0d5120ca35c8571132f7e530eb

commit cebbdc102cd87d0d5120ca35c8571132f7e530eb
Author:     Tim Wade <hello>
AuthorDate: Wed Dec 20 11:45:35 2017 -0800
Commit:     Tim Wade <hello>
CommitDate: Wed Dec 20 11:45:35 2017 -0800

    Only require read priviliges to show cloud volumes
    
    It looks like the RBAC identifier needed for `CloudVolumes#show` has
    been configured incorrectly as `cloud_volume` - the parent of all
    cloud volumes. Hence, it requires a user to have all priviliges just
    to view individual cloud volumes. Changing this to `cloud_volume_show`
    should allow read-only access for users that don't have full
    privileges.
    
    Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1462269

 config/api.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 32 Tim Wade 2018-03-13 17:55:52 UTC 
*** Bug 1533057 has been marked as a duplicate of this bug. ***
Comment 34 Ido Ovadia 2018-06-17 21:11:57 UTC 
Verified
========
5.10.0.0
Note You need to log in before you can comment on or make changes to this bug.