Bug 1516684 - Unable to refresh/submit user groups with linked external group used for Ldap auth
Summary: Unable to refresh/submit user groups with linked external group used for Ldap...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: LDAP
Version: 6.3.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium vote
Target Milestone: Unspecified
Assignee: Marek Hulan
QA Contact: Sanket Jagtap
URL:
Whiteboard:
: 1526757 (view as bug list)
Depends On:
Blocks: 1404507
TreeView+ depends on / blocked
 
Reported: 2017-11-23 09:34 UTC by Sanket Jagtap
Modified: 2019-09-26 17:28 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-02-21 16:54:37 UTC
Target Upstream Version:


Attachments (Terms of Use)
Whole traceback from UI on refresh (16.90 KB, text/plain)
2017-11-23 09:34 UTC, Sanket Jagtap
no flags Details
Whole traceback from UI on submit (241.02 KB, text/plain)
2017-11-23 09:36 UTC, Sanket Jagtap
no flags Details


Links
System ID Priority Status Summary Last Updated
Foreman Issue Tracker 11153 Low Closed Traceback when LDAP authentication password is incorrect 2020-04-01 10:12:10 UTC
Github /theforeman/foreman/commit/60b7b98d42b905084acd63515c823ac965b608 None None None 2020-04-01 10:12:09 UTC
Red Hat Bugzilla 1526757 None None None 2019-09-18 07:51:13 UTC

Internal Links: 1526757

Description Sanket Jagtap 2017-11-23 09:34:46 UTC
Created attachment 1358088 [details]
Whole traceback from UI on refresh

Description of problem:


Version-Release number of selected component (if applicable):
Build : Satellite 6.3.0 snap 25

How reproducible:
Always

Steps to Reproduce:
1. Add a external Auth source. Here I added a IDM 
2. Create a Usergroup
3. Associate the external group from LDAP to the create user group
4. Try and hit refresh for the external linked user group


Actual results:
1 )Traceback for refresh
Oops, we're sorry but something went wrong Missing template external_usergroups/refresh, application/refresh with {:locale=>[:en], :formats=>[:html], :variants=>[], :handlers=>[:erb, :builder, :raw, :ruby, :rabl]}. Searched in: * "/usr/share/foreman/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-0.7.10/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_remote_execution-1.3.7/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_theme_satellite-1.0.4.12/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/redhat_access-2.0.12/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_virt_who_configure-0.1.8/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_bootdisk-9.0.0/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_discovery-9.1.5/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.4.5.27/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/bastion-5.1.1/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_docker-3.1.0/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman-tasks-0.9.6/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/apipie-rails-0.5.4/app/views"

2) Traceback on submitting the usergroup
Oops, we're sorry but something went wrong stack level too deep

Expected results:
The user group should be refreshed successfully

Additional info:
I am unable to configure user group with LDAP external groups
Also , a regression from 6.2

Comment 2 Sanket Jagtap 2017-11-23 09:36:14 UTC
Created attachment 1358089 [details]
Whole traceback from UI on submit

Comment 3 Daniel Lobato Garcia 2017-11-23 13:28:48 UTC
Could you provide more details about the structure of the LDAP user group you're trying to add? Does it work with other auth sources? If I'm not wrong this was working on other snaps, so I'd like to be able to reproduce to fix it asap.

Thanks Sanket!

Comment 4 Sanket Jagtap 2017-11-23 14:14:19 UTC
I tried with both AD and IDM. Both got me same traceback on refresh. I can provide you the reproducer.

 I am not sure, when this was broken.

Comment 7 pm-sat@redhat.com 2017-12-13 13:09:31 UTC
Moving this bug to POST for triage into Satellite 6 since the upstream issue http://projects.theforeman.org/issues/11153 has been resolved.

Comment 8 Sanket Jagtap 2017-12-18 07:16:31 UTC
Build: Satellite 6.3.0 snap 29

I was unable to create a Usergroup with external group , when clicked on Submit i get a Traceback

PFA,

Comment 10 Sanket Jagtap 2017-12-18 07:36:50 UTC
Comment https://bugzilla.redhat.com/show_bug.cgi?id=1516684#c8 happens when I add the IPA LDAP Auth source with some user other than admin.

When I try the same with admin user I am able to create Usergroup but when i refresh the linked external group I am still able to reproduce the Original error from https://bugzilla.redhat.com/show_bug.cgi?id=1516684#c0
PFA https://bugzilla.redhat.com/attachment.cgi?id=1358088

Comment 11 Marek Hulan 2017-12-19 18:06:50 UTC
> Comment https://bugzilla.redhat.com/show_bug.cgi?id=1516684#c8 happens when I add the IPA LDAP Auth source with some user other than admin.

you're hitting separate issue, this was fixed it for updating existing auth source, creation was missed :-( I'll address this together with the proper fix

> When I try the same with admin user I am able to create Usergroup but when i
> refresh the linked external group I am still able to reproduce the Original error 
> from https://bugzilla.redhat.com/show_bug.cgi?id=1516684#c0

this was introduced by a different commit that was cherrypicked together, I've opened another PR upstream that will need to be cherrypicked, once the PR is merged - https://github.com/theforeman/foreman/pull/5102

Comment 12 Marek Hulan 2017-12-20 11:01:24 UTC
Ready for another cherrypick, this time https://github.com/theforeman/foreman/commit/60b7b98d42b905084acd63515c823ac965b608a4 is needed

Comment 13 Sanket Jagtap 2017-12-27 06:47:16 UTC
Build: Satellite 6.3.0 snap30 

I am able to add the LDAP Auth, tested with AD and IDM
I was able to create usergroup and associate external usergroup from auth sources.
The users in the user group from auth sources successfully inherited the permissions from the user group
I was able to refresh the external groups.
No error or traceback was seen

Comment 14 Nagoor Shaik 2017-12-27 11:29:49 UTC
*** Bug 1526757 has been marked as a duplicate of this bug. ***

Comment 15 pm-sat@redhat.com 2018-02-21 16:54:37 UTC
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.
> > 
> > For information on the advisory, and where to find the updated files, follow the link below.
> > 
> > If the solution does not work for you, open a new bug report.
> > 
> > https://access.redhat.com/errata/RHSA-2018:0336


Note You need to log in before you can comment on or make changes to this bug.