1602413 – error 403 trying to use action refresh on a provider as non-admin user with api and refresh permissions granted

Bug 1602413 - error 403 trying to use action refresh on a provider as non-admin user with api and refresh permissions granted

Summary: error 403 trying to use action refresh on a provider as non-admin user with a...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat CloudForms Management Engine
Classification:	Red Hat
Component:	API
Sub Component:
Version:	5.9.0
Hardware:	All
OS:	All
Priority:	medium
Severity:	medium
Target Milestone:	GA
Target Release:	5.10.0
Assignee:	Julian Cheal
QA Contact:	Antonin Pagac
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2018-07-18 10:25 UTC by Felix Dewaleyne
Modified:	2022-03-13 15:15 UTC (History)
CC List:	7 users (show)
Fixed In Version:	5.10.0.15
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:	5.10.1
Last Closed:	2019-02-07 23:03:30 UTC
Category:	---
Cloudforms Team:	---
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	1641722	0	unspecified	CLOSED	[RFE][API] Inconsistency between UI and API: Provider refresh	2021-02-22 00:41:40 UTC
Red Hat Product Errata	RHSA-2019:0212	0	None	None	None	2019-02-07 23:03:37 UTC

Internal Links: 1641722

Description Felix Dewaleyne 2018-07-18 10:25:06 UTC

Description of problem:
error 403 trying to use action refresh on a provider as non-admin user with api and refresh permissions granted

Version-Release number of selected component (if applicable):
5.9.3

How reproducible:
all the time in customer environment

Steps to Reproduce:
1. set up a new user with a new group based on vm_user plus api access and refresh access to cloud and infrastructure providers
2. issue a refresh using the classic ui with that user 
3. issue a refresh of the same provider using the api

Actual results:
error 403

Expected results:
the action is perfomed 

Additional info:
- using a ldap for authentication
- providers tested were amazon and azure
- same issue with vmware provider as well

Comment 4 Julian Cheal 2018-07-23 16:36:30 UTC

PR to fix this https://github.com/ManageIQ/manageiq-api/pull/428

Comment 9 errata-xmlrpc 2019-02-07 23:03:30 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:0212

Note You need to log in before you can comment on or make changes to this bug.