Note: This bug is displayed in read-only format because
the product is no longer active in Red Hat Bugzilla.
Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Description of problem:
unlike Admin, a regular user is not able to effectively use "Any Location" context on accessing Katello resources. So if Admin user creates a katello resource while having "Any Location" context set, audits for these actions and resources will not be visible to a regular user.
Version-Release number of selected component (if applicable):
6.4.0-11
How reproducible:
always
Steps to Reproduce:
1. create an organization (o1)
2. clone the "Auditor" role and assign the clone to the org (o1)
2. create a regular user (u1), belonging to org (o1), having "Org Admin" and the auditor clone roles assigned.
3. as an Admin user, set your location context to Any Location and organization context to o1
4. as an Admin user, create some katello resource (e.g. content view) OR architecture.
5. optional: as admin, check that the audits have been created
6. as u1, check the audits
Actual results:
u1 is unable to see any audits related to the resources created|manipulated in step #4 despite the fact that these belong to his organization.
The problem is that when we list audits, taxonomy default scope is applied since audits are now taxable. But audits for non-taxable resources should also be non-taxable. Therefore, we'll need to start storing information about whether taxonomy is applicable to each audit so we can easily search by that. Note that some resources do not support location but they support organizations so we need to start storing two different flags, e.g. organizations_relevant and locations_relevant.
I tried steps to reproduce on sat-6.4.0 with this package version: foreman-1.18.0
and I did the same on sat sat-6.5.0 snap 18 with this package version: foreman-1.20.1
Verified
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHSA-2019:1222