Created attachment 1389929 [details] vm-portal-screenshot Description of problem: Version-Release number of selected component (if applicable): 4.2.0.2-1.el7.centos upgrade from 3.6 How reproducible: 1. configure ovirt-engine with ldap authentication, worked 2. assign vm to a ldap user(figure userrole-ok.png) 3. login vm portal with ldap user and password 4. no vm, and create vm button activated. i suppose this button should be activated if the login user is poweruser role.(figure vm-portal-screenshot.png) ovirt-engine.log-------------> 2018-02-02 14:02:06,866+08 INFO [org.ovirt.engine.core.bll.ConcurrentChildCommandsExecutionCallback] (EE-ManagedThreadFactory-engineScheduled-Thread-60) [a74d93ce-276c-4139-831b-05da62da6672] Command 'ImportVm' (id: '4c2c2712-c636-45d8-aab6-5f09d18fe130') waiting on child command id: '0df742dd-761a-4f3a-a84a-592dee32a53d' type:'CopyImageGroup' to complete 2018-02-02 14:02:16,881+08 INFO [org.ovirt.engine.core.bll.ConcurrentChildCommandsExecutionCallback] (EE-ManagedThreadFactory-engineScheduled-Thread-57) [a74d93ce-276c-4139-831b-05da62da6672] Command 'ImportVm' (id: '4c2c2712-c636-45d8-aab6-5f09d18fe130') waiting on child command id: '0df742dd-761a-4f3a-a84a-592dee32a53d' type:'CopyImageGroup' to complete 2018-02-02 14:02:26,894+08 INFO [org.ovirt.engine.core.bll.ConcurrentChildCommandsExecutionCallback] (EE-ManagedThreadFactory-engineScheduled-Thread-64) [a74d93ce-276c-4139-831b-05da62da6672] Command 'ImportVm' (id: '4c2c2712-c636-45d8-aab6-5f09d18fe130') waiting on child command id: '0df742dd-761a-4f3a-a84a-592dee32a53d' type:'CopyImageGroup' to complete 2018-02-02 14:02:34,527+08 INFO [org.ovirt.engine.core.bll.aaa.LogoutSessionCommand] (default task-480) [6632f66a] Running command: LogoutSessionCommand internal: false. 2018-02-02 14:02:34,570+08 INFO [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (default task-480) [6632f66a] EVENT_ID: USER_VDC_LOGOUT(31), User shenhao589.com connected from '10.50.40.221' using session 'J/CkkLNl8EglbZrGJ+aZY7ha1QHyJIrqtJfHTxAg/sEmTeIvFcCoy6pK0xt81c1navlIYTx0PLrp0gw7Da8y1A==' logged out. 2018-02-02 14:02:34,601+08 INFO [org.ovirt.engine.core.sso.servlets.OAuthRevokeServlet] (default task-479) [] User shenhao589.com successfully logged out 2018-02-02 14:02:34,623+08 INFO [org.ovirt.engine.core.bll.aaa.TerminateSessionsForTokenCommand] (default task-482) [11aceaa9] Running command: TerminateSessionsForTokenCommand internal: true. 2018-02-02 14:02:36,908+08 INFO [org.ovirt.engine.core.bll.ConcurrentChildCommandsExecutionCallback] (EE-ManagedThreadFactory-engineScheduled-Thread-91) [a74d93ce-276c-4139-831b-05da62da6672] Command 'ImportVm' (id: '4c2c2712-c636-45d8-aab6-5f09d18fe130') waiting on child command id: '0df742dd-761a-4f3a-a84a-592dee32a53d' type:'CopyImageGroup' to complete 2018-02-02 14:02:46,921+08 INFO [org.ovirt.engine.core.bll.ConcurrentChildCommandsExecutionCallback] (EE-ManagedThreadFactory-engineScheduled-Thread-82) [a74d93ce-276c-4139-831b-05da62da6672] Command 'ImportVm' (id: '4c2c2712-c636-45d8-aab6-5f09d18fe130') waiting on child command id: '0df742dd-761a-4f3a-a84a-592dee32a53d' type:'CopyImageGroup' to complete 2018-02-02 14:02:51,272+08 INFO [org.ovirt.engine.core.sso.utils.AuthenticationUtils] (default task-519) [] User shenhao589.com successfully logged in with scopes: ovirt-app-admin ovirt-app-api ovirt-app-portal ovirt-ext=auth:sequence-priority=~ ovirt-ext=revoke:revoke-all ovirt-ext=token-info:authz-search ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate ovirt-ext=token:password-access ==============================================///login with ldap cretential here 2018-02-02 14:02:56,936+08 INFO [org.ovirt.engine.core.bll.ConcurrentChildCommandsExecutionCallback] (EE-ManagedThreadFactory-engineScheduled-Thread-9) [a74d93ce-276c-4139-831b-05da62da6672] Command 'ImportVm' (id: '4c2c2712-c636-45d8-aab6-5f09d18fe130') waiting on child command id: '0df742dd-761a-4f3a-a84a-592dee32a53d' type:'CopyImageGroup' to complete 2018-02-02 14:02:58,536+08 INFO [org.ovirt.engine.core.bll.aaa.CreateUserSessionCommand] (default task-546) [6080d76] Running command: CreateUserSessionCommand internal: false. 2018-02-02 14:02:58,557+08 INFO [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (default task-546) [6080d76] EVENT_ID: USER_VDC_LOGIN(30), User shenhao589.com connecting from '10.50.40.221' using session 'LQu2zudqgk1cCY4QVJvPEIAbW34oik4njB3qjRDbq3sLCMBBR9jk4/rHpwmQ6NUCwXuj7xYu6GxzAzlet3/eEQ==' logged in. 2018-02-02 14:02:59,353+08 ERROR [org.ovirt.engine.core.bll.GetSystemStatisticsQuery] (default task-561) [4d2a559c-a449-4d07-9870-2034940dee5f] Query execution failed due to insufficient permissions. 2018-02-02 14:02:59,481+08 ERROR [org.ovirt.engine.core.bll.GetPermissionsForObjectQuery] (default task-566) [e80e512c-1ad1-4ac1-9574-6c211cecf175] Query execution failed due to insufficient permissions. 2018-02-02 14:02:59,483+08 ERROR [org.ovirt.engine.api.restapi.resource.AbstractBackendResource] (default task-566) [] Operation Failed: query execution failed due to insufficient permissions.
Created attachment 1389930 [details] userrole-ok
i update ovirt to ovirt-engine to 4.2.1.6, the problem is still here.
I have the same problem. If I do the RestAPI query using curl https://localhost/ovirt-engine/api/vms -u "user@ldapdomain":password -H "filter: true" -k ,I will get right number of VM's. Best regards Petr
should be the same as https://github.com/oVirt/ovirt-web-ui/issues/460, depending on bug 1534607 - fixed in 4.2.2 please confirm it works in 4.2.2
*** Bug 1550081 has been marked as a duplicate of this bug. ***
(In reply to Michal Skrivanek from comment #4) > should be the same as https://github.com/oVirt/ovirt-web-ui/issues/460, > depending on bug 1534607 - fixed in 4.2.2 > > please confirm it works in 4.2.2 Situation is better. But not working perfect. When I open vmportal, there are no vm's and "Loading..." banner displayed. When I refresh the web page, vm's are here, but "Loading..." banner still present. Regards, Petr
Created attachment 1422453 [details] vm-portal
Created attachment 1422455 [details] vm-portal-refreshed
Hi, We're experiencing a similar problem with VM pools on which users have UserRole permissions. When logging in on the VM portal, it shows the message that no VM's are available for that user. After clicking the reload icon on the top right of the page, the two pools show up and the user can run the VM. Upon initial login/load the following messages are logged by ovirt-engine: 2018-09-25 10:19:04,105+02 INFO [org.ovirt.engine.core.sso.utils.AuthenticationUtils] (default task-3) [] User u0045469.be successfully logged in with scopes: ovirt-app-admin ovirt-app-api ovirt-app-portal ovirt-ext=auth:sequence-priority=~ ovirt-ext=revoke:revoke-all ovirt-ext=token-info:authz-search ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate ovirt-ext=token:password-access 2018-09-25 10:19:04,222+02 INFO [org.ovirt.engine.core.bll.aaa.CreateUserSessionCommand] (default task-3) [5b9c952a] Running command: CreateUserSessionCommand internal: false. 2018-09-25 10:19:04,279+02 INFO [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (default task-3) [5b9c952a] EVENT_ID: USER_VDC_LOGIN(30), User u0045469.be-authz connecting from '134.58.63.21' using session '6POO27z6JBIl23b1gNdnjZ0sE0WDeFWDya9mX5UekDGoDVaMeBg6kOaXzpE0F3Tyup6K/spD9CIj1vm4Xsn+fw==' logged in. 2018-09-25 10:19:04,867+02 ERROR [org.ovirt.engine.core.bll.GetSystemStatisticsQuery] (default task-3) [1fbfe2eb-a2f3-4091-9b05-d6085b30e772] Query execution failed due to insufficient permissions. 2018-09-25 10:19:04,985+02 ERROR [org.ovirt.engine.core.bll.GetPermissionsForObjectQuery] (default task-3) [7b07226f-e8bd-47a5-b1cf-58ab41413bd7] Query execution failed due to insufficient permissions. 2018-09-25 10:19:04,989+02 ERROR [org.ovirt.engine.api.restapi.resource.AbstractBackendResource] (default task-3) [] Operation Failed: query execution failed due to insufficient permissions. 2018-09-25 10:19:05,662+02 ERROR [org.ovirt.engine.core.bll.storage.domain.GetStorageDomainListByIdQuery] (default task-5) [2024ca5d-4596-4298-987b-ff8a45c1127f] Query execution failed due to insufficient permissions. 2018-09-25 10:19:05,665+02 ERROR [org.ovirt.engine.core.bll.storage.domain.GetStorageDomainListByIdQuery] (default task-5) [2024ca5d-4596-4298-987b-ff8a45c1127f] Query execution failed due to insufficient permissions. After clicking the reload/refresh button, no messages are logged. Regards, Rik
@Alex, please test on the latest release, ovirt 4.2.7 / ovirt-web-ui 1.4.4 You can test quickly using docker: docker run --rm -it -e ENGINE_URL=https://[OVIRT.ENGINE.FQDN]/ovirt-engine/ -p 3000:3000 ovirtwebui/ovirt-web-ui:latest
@Rik, same, please test on the latest release, ovirt 4.2.7 / ovirt-web-ui 1.4.4 You can test quickly using docker: docker run --rm -it -e ENGINE_URL=https://[OVIRT.ENGINE.FQDN]/ovirt-engine/ -p 3000:3000 ovirtwebui/ovirt-web-ui:latest
Hi, I've tested it on 4.2.7 with web-ui 1.4.4-2 and the issue remains. When I log in it shows there are no VM's. When I click the refresh icon in the upper right corner, the pools from which I can take VM's are found and displayed. The engine log shows the errors below. Regards, Rik 2018-11-15 14:25:23,150+01 INFO [org.ovirt.engine.core.sso.utils.AuthenticationUtils] (default task-3) [] User u0045469.be successfully logged in with scopes: ovirt-app-admin ovirt-app-api ovirt-app-portal ovirt-ext=auth:sequence-priority=~ ovirt-ext=revoke:revoke-all ovirt-ext=token-info:authz-search ovirt-ext=token-info:public-authz-search ovirt-ext=token-info:validate ovirt-ext=token:password-access 2018-11-15 14:25:23,414+01 INFO [org.ovirt.engine.core.bll.aaa.CreateUserSessionCommand] (default task-3) [25d6bdac] Running command: CreateUserSessionCommand internal: false. 2018-11-15 14:25:23,457+01 INFO [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (default task-3) [25d6bdac] EVENT_ID: USER_VDC_LOGIN(30), User u0045469.be-authz connecting from '134.58.63.21' using session 'axMPDGJinfU020CFz5O9VbpN5fFSZi1oE1tq/d4+kEZhno/jLVNyR0NQzf4FlRoonHxNkMfzcqpnEsx7aXbMvA==' logged in. 2018-11-15 14:25:24,216+01 INFO [org.ovirt.engine.core.utils.servlet.CORSSupportFilter] (default task-3) [] CORS support is disabled. 2018-11-15 14:25:24,480+01 ERROR [org.ovirt.engine.core.bll.GetPermissionsForObjectQuery] (default task-3) [71d2a5a3-2445-4159-8a2a-06ed9d95cba8] Query execution failed due to insufficient permissions. 2018-11-15 14:25:24,483+01 ERROR [org.ovirt.engine.api.restapi.resource.AbstractBackendResource] (default task-3) [] Operation Failed: query execution failed due to insufficient permissions. 2018-11-15 14:25:25,100+01 ERROR [org.ovirt.engine.core.bll.storage.domain.GetStorageDomainListByIdQuery] (default task-5) [a546991e-9f6c-4dfc-8597-d3d9c23e5d11] Query execution failed due to insufficient permissions. 2018-11-15 14:25:25,103+01 ERROR [org.ovirt.engine.core.bll.storage.domain.GetStorageDomainListByIdQuery] (default task-5) [a546991e-9f6c-4dfc-8597-d3d9c23e5d11] Query execution failed due to insufficient permissions.
@alex @Rik can you, please, send logs from DevTools console (Chrome or Firefox)?
Created attachment 1513927 [details] firefox console log Hi, I've added the firefox console log. The file shows the debug messages when the page is initially loaded. The VM (pools) are not displayed at this point. Then I press the refresh icon in the UI, and the VM pools appear. I've indicated when I pressed the reload icon in the log file. Regards, Rik
This bug has not been marked as blocker for oVirt 4.3.0. Since we are releasing it tomorrow, January 29th, this bug has been re-targeted to 4.3.1.
addressed by bug 1624219 ?
Yes, it was that issue and should work now. Tested in ovirt 4.2.8 and 4.3.2.