Description of problem: A user with the role operator can't open details view of a datastore through Provider ("Compute > Infrastructure > Provider > --provider-- > Datastores") but can via "Compute > Infrastructure > Datastores" Version-Release number of selected component (if applicable): 5.9.6.2.20181119175512_3a18916 5.10.0.25.20181120211723_d2fd659 How reproducible: Always Steps to Reproduce: 1. Add an infrastructure provider with datastores (tested with vmware) 2. Add a user in EVM Group "EvmGroup-operator" that has Role "EvmRole-operator" 3. Log in with the newly created user 4. Go to "Compute > Infrastructure > Provider > --provider-- > Datastores" 4. Click on any Datastore to see details Actual results: Unexpected error encountered ... No route matches {:action=>"5?display=storages", :controller=>"ems_infra", :id=>"1"} [storage/show] Expected results: The same as if navigated to "Compute > Infrastructure > Datastores" : details view of the datastore Additional info: Admin user can access datastores both ways. I tried to extend permissions of operator by granting all access to "Infrastructure Providers" (full access to "Datastores" is already given) - gives the same error.
https://github.com/ManageIQ/manageiq-ui-classic/pull/5004
New commit detected on ManageIQ/manageiq-ui-classic/master: https://github.com/ManageIQ/manageiq-ui-classic/commit/7974931a922d7803a7dc788907431cb7134ec04f commit 7974931a922d7803a7dc788907431cb7134ec04f Author: Dávid Halász <dhalasz> AuthorDate: Wed Nov 28 09:41:51 2018 -0500 Commit: Dávid Halász <dhalasz> CommitDate: Wed Nov 28 09:41:51 2018 -0500 When redirecting to a specific storage, RBAC check storage_show Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1653709 app/controllers/storage_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
New commit detected on ManageIQ/manageiq-ui-classic/hammer: https://github.com/ManageIQ/manageiq-ui-classic/commit/5bf80a07dd490492948948574b44d600bf369ff0 commit 5bf80a07dd490492948948574b44d600bf369ff0 Author: Milan Zázrivec <mzazrivec> AuthorDate: Thu Nov 29 02:42:52 2018 -0500 Commit: Milan Zázrivec <mzazrivec> CommitDate: Thu Nov 29 02:42:52 2018 -0500 Merge pull request #5004 from skateman/rbac-datastore When redirecting to a specific storage, RBAC check storage_show (cherry picked from commit 81e2feea9f83f03756c2effc0d740680e6ee80ff) Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1653709 app/controllers/storage_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Verified with 5.10.0.30. User with EvmRole-operator can now see datastores and datastore details going via: - Compute > Infrastructure > Provider > --provider-- > Datastores or - Compute > Infrastructure > Datastores
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2019:0212