Description of problem: error 403 trying to use action refresh on a provider as non-admin user with api and refresh permissions granted Version-Release number of selected component (if applicable): 5.9.3 How reproducible: all the time in customer environment Steps to Reproduce: 1. set up a new user with a new group based on vm_user plus api access and refresh access to cloud and infrastructure providers 2. issue a refresh using the classic ui with that user 3. issue a refresh of the same provider using the api Actual results: error 403 Expected results: the action is perfomed Additional info: - using a ldap for authentication - providers tested were amazon and azure - same issue with vmware provider as well
PR to fix this https://github.com/ManageIQ/manageiq-api/pull/428
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2019:0212