Description of problem: Cloud Network list is available for restricted user Version-Release number of selected component (if applicable): 5.8.2 How reproducible: 100% Steps to Reproduce: 1. Add cloud provider 2. Add group with tag restriction 3. Add user, assign to restricted group 4. Add tag to Network Manager 5. As restricted user navigate to Networks->Nstworks Actual results: Network list is visible for user, but detail page is not available() Expected results: Page should not display any not tagged items Additional info:
Gregg, Dan is thinking this is a backend issue and requesting your team do a first round of investigation. Ruslana is a superstar so put a needinfo on her if you need any assistance!!!
Ruslana, is this new to 5.8.2 or in 5.8.1 as well? Please add regression keyword and blocker flag if it is working in 5.8.1 please. Also, you nack'd the qe_test_coverage flag, you don't think we need a test for this, sounds like we should, maybe for rbac FA and Landon LaSmith.
Checked 5.8.1, works as expected. Add regression keyword Also agree that we need to add test cases to cover provider, network provider, and storage provider.
Libor and I tested this with a 5.8.2 appliance and did not see any issues. We followed the steps detailed in the description. As the "restricted" user we were only able to see the Cloud Network (under Network / Networks) that was tagged with the same tag as the user. We were also able to see the details page of that accessible Cloud Network. If you reproducer appliance please let us know and we'll continue to investigate.
Hi, Yes, I have the appliance with the issue had been reproduced, please check 10.8.196.231. Restricted users: userall/111 or usertest/111. And some more info for reproducing, only Network Manager(Networks -> Provider) should be tagged, and at the same time no tagging for Cloud Network(Network -> Networks). Also please check https://bugzilla.redhat.com/show_bug.cgi?id=1445163, I am not sure, but this fix could have some impact on the current issue. Thanks
Created attachment 1328841 [details] empty_lists_no_tags no tagged items
Created attachment 1328842 [details] network_manager_tagged only network manager is tagged but also cloud network is visible
https://github.com/ManageIQ/manageiq/pull/16063
New commit detected on ManageIQ/manageiq/master: https://github.com/ManageIQ/manageiq/commit/847cbcd498861af2defc2341ba45ff7dff05302e commit 847cbcd498861af2defc2341ba45ff7dff05302e Author: lpichler <lpichler> AuthorDate: Sun Oct 1 21:45:52 2017 +0200 Commit: lpichler <lpichler> CommitDate: Sun Oct 1 21:45:52 2017 +0200 Add test cases related with tag network managers related to case from https://bugzilla.redhat.com/show_bug.cgi?id=1487179 spec/lib/rbac/filterer_spec.rb | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+)