Bug 1560535 - Add repository, Create service item: not available for restricted user
Summary: Add repository, Create service item: not available for restricted user
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: UI - OPS
Version: 5.9.0
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: GA
: 5.10.0
Assignee: Zita Nemeckova
QA Contact: Jad Haj Yahya
URL:
Whiteboard: ui:tag:ansible
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-03-26 12:14 UTC by Ruslana Babyuk
Modified: 2019-02-07 23:01 UTC (History)
7 users (show)

Fixed In Version: 5.10.0.3
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-02-07 23:01:18 UTC
Category: ---
Cloudforms Team: ---
Target Upstream Version:


Attachments (Terms of Use)
add_repository (67.81 KB, image/png)
2018-03-26 12:14 UTC, Ruslana Babyuk
no flags Details


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2019:0212 None None None 2019-02-07 23:01:24 UTC

Description Ruslana Babyuk 2018-03-26 12:14:17 UTC
Created attachment 1413096 [details]
add_repository

Description of problem:
Add repository, Create service item: not available for restricted user

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Enable embedded ansible 
2. Create a restricted user(restriction with tag)
3. navigate to Ansible-> Repository
4. Add new repository

Actual results:
Embedded Ansible Provider not found.

Expected results:
A user should be able to add a repository

Additional info:
The same for Creating service item, Ansible playbook disabled for the restricted user, even if the repository is already added and available for user

Comment 2 Sudhir Mallamprabhakara 2018-03-26 14:01:08 UTC
Not a regression - Confirmed by the reporter

Comment 4 Zita Nemeckova 2018-03-29 09:55:45 UTC
Hi,

I have few questions because I'm not able to recreate.

Restricted user should be allowed only to items with specific tags?
Has embedded Ansible provider a tag that is allowed for restricted user?
How do you set tags to Embedded Ansible provider?


Thanks,
Zita

Comment 5 Ruslana Babyuk 2018-03-29 10:09:06 UTC
Hi Zita,

1. Restricted user should be allowed only to items with specific tags?
yes

Has embedded Ansible provider a tag that is allowed for restricted user?
No, tag is not set, but user can do all actions regarding group role features is all 

How do you set tags to Embedded Ansible provider?
Only using api

Comment 6 Zita Nemeckova 2018-06-21 09:42:56 UTC
Hi,

I still have problems reproducing. Could you please give me an appliance where I could try it out?

Thanks,
Zita

Comment 11 Ruslana Babyuk 2018-06-27 13:19:50 UTC
Hi Zita,

I think if user role allows adding repository, for the restricted user, the user should have the ability to do so, even if the provider is restricted. As an example restricted user can add host/node for infra provider(restricted)

Comment 12 CFME Bot 2018-07-02 05:14:50 UTC
New commit detected on ManageIQ/manageiq-ui-classic/master:

https://github.com/ManageIQ/manageiq-ui-classic/commit/0e836f5543ec83d72ba3ed7f3ad9fad2d23009fb
commit 0e836f5543ec83d72ba3ed7f3ad9fad2d23009fb
Author:     Zita Nemeckova <znemecko@redhat.com>
AuthorDate: Tue Jun 26 09:30:08 2018 -0400
Commit:     Zita Nemeckova <znemecko@redhat.com>
CommitDate: Tue Jun 26 09:30:08 2018 -0400

    Don't allow user to create a repository if he has no rights to Embedded Ansible Provider

    Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1560535

 app/helpers/application_helper/button/embedded_ansible.rb | 2 +
 1 file changed, 2 insertions(+)

Comment 13 Zita Nemeckova 2018-07-02 08:34:55 UTC
Hi Ruslana,

in the end I had to forbid restricted user from creating a repository because API wouldn't allow it. There was no way around it.

Could you create a separate BZ for Service Item scenario as it's not directly related to Repository one? And assign it to me.

Thanks,
Zita

Comment 14 Ruslana Babyuk 2018-07-02 09:45:58 UTC
Hi Zita,

I've created a new issue for service item 1597221, as you requested

Thanks

Comment 16 errata-xmlrpc 2019-02-07 23:01:18 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:0212


Note You need to log in before you can comment on or make changes to this bug.