Description of problem:
unlike Admin, a regular user is not able to effectively use "Any Location" context on accessing Katello resources. So if Admin user creates a katello resource while having "Any Location" context set, audits for these actions and resources will not be visible to a regular user.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. create an organization (o1)
2. clone the "Auditor" role and assign the clone to the org (o1)
2. create a regular user (u1), belonging to org (o1), having "Org Admin" and the auditor clone roles assigned.
3. as an Admin user, set your location context to Any Location and organization context to o1
4. as an Admin user, create some katello resource (e.g. content view) OR architecture.
5. optional: as admin, check that the audits have been created
6. as u1, check the audits
u1 is unable to see any audits related to the resources created|manipulated in step #4 despite the fact that these belong to his organization.
The problem is that when we list audits, taxonomy default scope is applied since audits are now taxable. But audits for non-taxable resources should also be non-taxable. Therefore, we'll need to start storing information about whether taxonomy is applicable to each audit so we can easily search by that. Note that some resources do not support location but they support organizations so we need to start storing two different flags, e.g. organizations_relevant and locations_relevant.
Created redmine issue https://projects.theforeman.org/issues/24232 from this bug
Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/24232 has been resolved.
I tried steps to reproduce on sat-6.4.0 with this package version: foreman-1.18.0
and I did the same on sat sat-6.5.0 snap 18 with this package version: foreman-1.20.1
forgot to change the status
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.