Aparently the code that went into the prior fix for this has all been removed. it used to be that only non-public networks were included in the list, and when that was modified to include public ones too, that code was ripped out. I'm currently digging into the code trying to understand how the list is generated -- it's no longer a simple query/method on the EMS or tenant -- it goes through MiqSearch.filtered with a bunch of arguments. It's got to be somewhere in the permissions filtering, since the full list shows up for admin.

OK, I was able to reproduce these results in my own environment on the gaprindashvili branch -- admin user sees the shared networks not associated with the current tenant, but non-admin user sees the list filtered for the current tenant (I'm not sure if it's filtering for the *selected* tenant or the tenants associated with the user's permissions, though).

However, I was not able to reproduce the bug on master. There, I see all the shared tenants, even for the limited-permission user. In both cases, I was pointing to the same OpenStack instance.

From what we know so far, the problem was either introduced only on the gaprindashvili branch, or it was fixed on master after the branch was made. Unfortunately, so far, Sam and I have been unable to find any relevant code differences between the branches that would explain the difference.

I will keep digging into this, but there's no ETA as of yet, since I have not yet been able to locate the code change that is causing this.

I found the difference between master and gaprindashvili that prevented the bug from reproducing on master. https://github.com/ManageIQ/manageiq/pull/17305 needs to be backported. That change fixes https://bugzilla.redhat.com/show_bug.cgi?id=1546535 which allowed shared networks to show up on the router create UI. Since the fix was done at the model level, it also fixes the same problem in the provisioning UI.

Verified on 5.10.0.3