Bug 1596136 - User with Edit Tags for Catalog Items unable to Edit Tags and No Error shown
Summary: User with Edit Tags for Catalog Items unable to Edit Tags and No Error shown
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: UI - OPS
Version: 5.9.0
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: GA
: 5.10.0
Assignee: Harpreet Kataria
QA Contact: Jad Haj Yahya
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-06-28 09:58 UTC by Pete Savage
Modified: 2019-08-22 00:55 UTC (History)
7 users (show)

Fixed In Version: 5.10.0.6
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-02-07 23:03:14 UTC
Category: ---
Cloudforms Team: ---
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2019:0212 None None None 2019-02-07 23:03:25 UTC

Description Pete Savage 2018-06-28 09:58:15 UTC
Description of problem: User with Edit Tags for Catalog Items unable to Edit Tags and No Error shown


Version-Release number of selected component (if applicable): 5.9.3.3.20180627151410_682cecf 


How reproducible: 100%


Steps to Reproduce:
As Admin user
1. Copy the EVMRole-user_self_service to a new role
2. Add the Services -> Catalogs Explorer -> Catalog Items -> Operate -> Edit Tags
3. Add a new group called test and use the role from #2.
4. Assign Department -> Accounting as a specific tag filter for group test.
5. Create a new user called test and use the group test
6. Create a Generic Catalog Item and assign it the tag Department -> Accounting

As User test
1. Login
2. Navigate to the Catalog Item created in 6
3. Click Policy -> Edit Tags

Actual results:
Nothing Happens

Expected results:
User should be able to edit tags

Additional info:

[----] F, [2018-06-28T05:36:47.001667 #12092:a66d00] FATAL -- : Error caught: [MiqException::RbacPrivilegeException] The user is not authorized for this task or item.
/opt/rh/cfme-gemset/bundler/gems/cfme-ui-classic-c0a4b7f863f5/app/controllers/application_controller.rb:2167:in `assert_privileges'
/opt/rh/cfme-gemset/bundler/gems/cfme-ui-classic-c0a4b7f863f5/app/controllers/catalog_controller.rb:461:in `st_tags_edit'
/opt/rh/cfme-gemset/bundler/gems/cfme-ui-classic-c0a4b7f863f5/app/controllers/application_controller/explorer.rb:201:in `generic_x_button'
/opt/rh/cfme-gemset/bundler/gems/cfme-ui-classic-c0a4b7f863f5/app/controllers/catalog_controller.rb:60:in `x_button'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_controller/metal/basic_implicit_render.rb:4:in `send_action'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/abstract_controller/base.rb:188:in `process_action'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_controller/metal/rendering.rb:30:in `process_action'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/abstract_controller/callbacks.rb:20:in `block in process_action'
/opt/rh/cfme-gemset/gems/activesupport-5.0.6/lib/active_support/callbacks.rb:126:in `call'
/opt/rh/cfme-gemset/gems/activesupport-5.0.6/lib/active_support/callbacks.rb:506:in `block (2 levels) in compile'
/opt/rh/cfme-gemset/gems/activesupport-5.0.6/lib/active_support/callbacks.rb:455:in `call'
/opt/rh/cfme-gemset/gems/activesupport-5.0.6/lib/active_support/callbacks.rb:101:in `__run_callbacks__'
/opt/rh/cfme-gemset/gems/activesupport-5.0.6/lib/active_support/callbacks.rb:750:in `_run_process_action_callbacks'
/opt/rh/cfme-gemset/gems/activesupport-5.0.6/lib/active_support/callbacks.rb:90:in `run_callbacks'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/abstract_controller/callbacks.rb:19:in `process_action'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_controller/metal/rescue.rb:20:in `process_action'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_controller/metal/instrumentation.rb:32:in `block in process_action'
/opt/rh/cfme-gemset/gems/activesupport-5.0.6/lib/active_support/notifications.rb:164:in `block in instrument'
/opt/rh/cfme-gemset/gems/activesupport-5.0.6/lib/active_support/notifications/instrumenter.rb:21:in `instrument'
/opt/rh/cfme-gemset/gems/activesupport-5.0.6/lib/active_support/notifications.rb:164:in `instrument'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_controller/metal/instrumentation.rb:30:in `process_action'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_controller/metal/params_wrapper.rb:248:in `process_action'
/opt/rh/cfme-gemset/gems/activerecord-5.0.6/lib/active_record/railties/controller_runtime.rb:18:in `process_action'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/abstract_controller/base.rb:126:in `process'
/opt/rh/cfme-gemset/gems/actionview-5.0.6/lib/action_view/rendering.rb:30:in `process'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_controller/metal.rb:190:in `dispatch'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_controller/metal.rb:262:in `dispatch'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_dispatch/routing/route_set.rb:50:in `dispatch'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_dispatch/routing/route_set.rb:32:in `serve'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_dispatch/journey/router.rb:39:in `block in serve'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_dispatch/journey/router.rb:26:in `each'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_dispatch/journey/router.rb:26:in `serve'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_dispatch/routing/route_set.rb:727:in `call'
/opt/rh/cfme-gemset/gems/secure_headers-3.0.3/lib/secure_headers/middleware.rb:10:in `call'
/opt/rh/cfme-gemset/gems/rack-2.0.3/lib/rack/etag.rb:25:in `call'
/opt/rh/cfme-gemset/gems/rack-2.0.3/lib/rack/conditional_get.rb:38:in `call'
/opt/rh/cfme-gemset/gems/rack-2.0.3/lib/rack/head.rb:12:in `call'
/opt/rh/cfme-gemset/gems/rack-2.0.3/lib/rack/session/abstract/id.rb:232:in `context'
/opt/rh/cfme-gemset/gems/rack-2.0.3/lib/rack/session/abstract/id.rb:226:in `call'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_dispatch/middleware/cookies.rb:613:in `call'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_dispatch/middleware/callbacks.rb:38:in `block in call'
/opt/rh/cfme-gemset/gems/activesupport-5.0.6/lib/active_support/callbacks.rb:97:in `__run_callbacks__'
/opt/rh/cfme-gemset/gems/activesupport-5.0.6/lib/active_support/callbacks.rb:750:in `_run_call_callbacks'
/opt/rh/cfme-gemset/gems/activesupport-5.0.6/lib/active_support/callbacks.rb:90:in `run_callbacks'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_dispatch/middleware/callbacks.rb:36:in `call'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_dispatch/middleware/remote_ip.rb:79:in `call'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_dispatch/middleware/debug_exceptions.rb:49:in `call'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_dispatch/middleware/show_exceptions.rb:31:in `call'
/opt/rh/cfme-gemset/gems/railties-5.0.6/lib/rails/rack/logger.rb:36:in `call_app'
/opt/rh/cfme-gemset/gems/railties-5.0.6/lib/rails/rack/logger.rb:26:in `call'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_dispatch/middleware/request_id.rb:24:in `call'
/opt/rh/cfme-gemset/gems/rack-2.0.3/lib/rack/method_override.rb:22:in `call'
/opt/rh/cfme-gemset/gems/rack-2.0.3/lib/rack/runtime.rb:22:in `call'
/opt/rh/cfme-gemset/gems/activesupport-5.0.6/lib/active_support/cache/strategy/local_cache_middleware.rb:28:in `call'
/opt/rh/cfme-gemset/gems/actionpack-5.0.6/lib/action_dispatch/middleware/executor.rb:12:in `call'
/opt/rh/cfme-gemset/gems/rack-2.0.3/lib/rack/sendfile.rb:111:in `call'
/opt/rh/cfme-gemset/gems/railties-5.0.6/lib/rails/engine.rb:522:in `call'
/opt/rh/rh-ruby23/root/usr/share/gems/gems/puma-3.7.1/lib/puma/configuration.rb:232:in `call'
/opt/rh/rh-ruby23/root/usr/share/gems/gems/puma-3.7.1/lib/puma/server.rb:578:in `handle_request'
/opt/rh/rh-ruby23/root/usr/share/gems/gems/puma-3.7.1/lib/puma/server.rb:415:in `process_client'
/opt/rh/rh-ruby23/root/usr/share/gems/gems/puma-3.7.1/lib/puma/server.rb:275:in `block in run'
/opt/rh/rh-ruby23/root/usr/share/gems/gems/puma-3.7.1/lib/puma/thread_pool.rb:120:in `block in spawn_thread'

Comment 3 Harpreet Kataria 2018-07-02 22:58:49 UTC
https://github.com/ManageIQ/manageiq-ui-classic/pull/4242

Comment 4 CFME Bot 2018-07-03 18:07:49 UTC
New commit detected on ManageIQ/manageiq-ui-classic/master:

https://github.com/ManageIQ/manageiq-ui-classic/commit/e8642a3c34b93ce2797cf7628103ec4744f3bfe4
commit e8642a3c34b93ce2797cf7628103ec4744f3bfe4
Author:     Harpreet Kataria <hkataria@redhat.com>
AuthorDate: Mon Jul  2 18:49:05 2018 -0400
Commit:     Harpreet Kataria <hkataria@redhat.com>
CommitDate: Mon Jul  2 18:49:05 2018 -0400

    Pass in id of selected record correctly.

    Fixed condition to pass in ids correctly to find_records_with_rbac method.

    Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1596136

 app/controllers/catalog_controller.rb | 3 +-
 spec/controllers/catalog_controller_spec.rb | 17 +-
 2 files changed, 17 insertions(+), 3 deletions(-)

Comment 5 Ruslana Babyuk 2018-07-16 08:23:44 UTC
I still can reproduce it on 5.10.0.4 build

Comment 7 CFME Bot 2018-07-24 01:32:27 UTC
New commit detected on ManageIQ/manageiq-ui-classic/master:

https://github.com/ManageIQ/manageiq-ui-classic/commit/2acb765835bf357cc8187f42dcd9d70d7be4c7b6
commit 2acb765835bf357cc8187f42dcd9d70d7be4c7b6
Author:     Harpreet Kataria <hkataria@redhat.com>
AuthorDate: Fri Jul 20 16:16:25 2018 -0400
Commit:     Harpreet Kataria <hkataria@redhat.com>
CommitDate: Fri Jul 20 16:16:25 2018 -0400

    Fixed rbac feature id being passed in to assert_privileges method

    Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1596136

 app/controllers/catalog_controller.rb | 2 +-
 spec/controllers/catalog_controller_spec.rb | 2078 +-
 2 files changed, 1072 insertions(+), 1008 deletions(-)

Comment 9 errata-xmlrpc 2019-02-07 23:03:14 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:0212


Note You need to log in before you can comment on or make changes to this bug.