Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1600095 - Non admin user is unable to see the audits for katello and taxable resources created by admin using Any Location context
Summary: Non admin user is unable to see the audits for katello and taxable resources ...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: Audit Log
Version: 6.4
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: 6.5.0
Assignee: Sebastian Gräßl
QA Contact: tstrych
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-07-11 12:07 UTC by Roman Plevka
Modified: 2019-11-05 22:30 UTC (History)
6 users (show)

Fixed In Version: foreman-1.20.0-0
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1646740 (view as bug list)
Environment:
Last Closed: 2019-05-14 12:37:33 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Foreman Issue Tracker 24232 0 None None None 2018-07-12 06:31:24 UTC
Red Hat Product Errata RHSA-2019:1222 0 None None None 2019-05-14 12:37:41 UTC

Description Roman Plevka 2018-07-11 12:07:01 UTC 
Description of problem:
unlike Admin, a regular user is not able to effectively use "Any Location" context on accessing Katello resources. So if Admin user creates a katello resource while having "Any Location" context set, audits for these actions and resources will not be visible to a regular user.

Version-Release number of selected component (if applicable):
6.4.0-11

How reproducible:
always

Steps to Reproduce:
1. create an organization (o1)
2. clone the "Auditor" role and assign the clone to the org (o1)
2. create a regular user (u1), belonging to org (o1), having "Org Admin" and the auditor clone roles assigned.
3. as an Admin user, set your location context to Any Location and organization context to o1
4. as an Admin user, create some katello resource (e.g. content view) OR architecture.
5. optional: as admin, check that the audits have been created
6. as u1, check the audits

Actual results:
u1 is unable to see any audits related to the resources created|manipulated in step #4 despite the fact that these belong to his organization.
Comment 1 Marek Hulan 2018-07-12 06:27:28 UTC 
The problem is that when we list audits, taxonomy default scope is applied since audits are now taxable. But audits for non-taxable resources should also be non-taxable. Therefore, we'll need to start storing information about whether taxonomy is applicable to each audit so we can easily search by that. Note that some resources do not support location but they support organizations so we need to start storing two different flags, e.g. organizations_relevant and locations_relevant.
Comment 2 Marek Hulan 2018-07-12 06:31:23 UTC 
Created redmine issue https://projects.theforeman.org/issues/24232 from this bug
Comment 5 Satellite Program 2018-10-02 12:09:36 UTC 
Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/24232 has been resolved.
Comment 7 tstrych 2019-03-12 14:05:12 UTC 
I tried steps to reproduce on sat-6.4.0 with this package version: foreman-1.18.0 
and I did the same on sat sat-6.5.0 snap 18 with this package version: foreman-1.20.1

Verified
Comment 8 tstrych 2019-03-12 14:06:08 UTC 
forgot to change the status
Comment 11 errata-xmlrpc 2019-05-14 12:37:33 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:1222
Note You need to log in before you can comment on or make changes to this bug.