Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1662337 - [RFE] External User Group should inherit Location and Organization preferences from Administer->Roles
Summary: [RFE] External User Group should inherit Location and Organization preference...
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: LDAP
Version: 6.4.0
Hardware: x86_64
OS: Linux
high
medium with 5 votes
Target Milestone: Unspecified
Assignee: satellite6-bugs
QA Contact: Sanket Jagtap
URL:
Whiteboard:
: 1293835 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-12-27 19:42 UTC by Amar Huchchanavar
Modified: 2024-10-01 16:12 UTC (History)
19 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-04-13 17:40:03 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Foreman Issue Tracker 30977 0 High New External User Group should inherit Location and Organization preferences from Administer->Roles 2021-02-15 14:44:26 UTC
Red Hat Bugzilla 1792378 0 high CLOSED [RFE] Long role names are cut off in the roles UI 2023-03-24 16:45:34 UTC
Red Hat Knowledge Base (Solution) 4933591 0 None None None 2020-03-30 13:41:33 UTC

Description Amar Huchchanavar 2018-12-27 19:42:27 UTC 
1. Proposed title of this feature request  
  [RFE] External User Group should inherit Location and Organization preference from Roles
  
3. What is the nature and description of the request?  
  Customer would like to inherit the Location and Organization preferences from a particular Role to the External Group so that new user gets the desired loc and org preference based on the selected role. 
Currently, it is possible by creating auth source under each organization and location however this is not the feasible solution if you have more than 50 orgs with single auth source. We need to create auth source under each organization.

4. Why does the customer need this? (List the business requirements here)  
~~~  
The present solution is very plenty of drawbacks in our case, because the ldap configuration  will be the same for every organization then when we configured it at the top Organization (Any) but the role doesn't keep the location and organization automatically although we have configured it. It will be only the ldap aboresence that will be different thank to the mapping.
When we configure the affected organization with the AD groups, the role doesn't give the organization and the location as if it should be in any organization. But it seems that we need to define again in each organization weirdly...
That's the main point.
~~~

5. How would the customer like to achieve this? (List the functional requirements here)  
- Assign Role to User Group [which is possible]
- However, it does not inherit the preferences(loc and org) while performing autologin.


6. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented.  
Yes  


7. Is there already an existing RFE upstream or in Red Hat Bugzilla?  
No
This can be alternative solation : https://bugzilla.redhat.com/show_bug.cgi?id=1293835
  
8. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL5, RHEL6)?  
No
Comment 8 Sean O'Keeffe 2019-11-01 16:34:08 UTC 
*** Bug 1293835 has been marked as a duplicate of this bug. ***
Comment 9 Bryan Kearney 2020-01-15 21:01:04 UTC 
The Satellite Team is attempting to provide an accurate backlog of bugzilla requests which we feel will be resolved in the next few releases. We do not believe this bugzilla will meet that criteria, and have plans to close it out in 1 month. This is not a reflection on the validity of the request, but a reflection of the many priorities for the product. If you have any concerns about this, feel free to contact Red Hat Technical Support or your account team. If we do not hear from you, we will close this bug out. Thank you.
Comment 17 Ondřej Ezr 2020-10-05 11:40:34 UTC 
Created redmine issue https://projects.theforeman.org/issues/30977 from this bug
Comment 18 Mike McCune 2021-03-11 18:51:16 UTC 
Upon review of our valid but aging backlog the Satellite Team has concluded that this Bugzilla does not meet the criteria for a resolution in the near term, and are planning to close in one month's time. If you have any concerns about this, please contact your Red Hat Account team.  Thank you.
Comment 19 Jean-Baptiste Dancre 2021-03-12 13:56:34 UTC 
This bugzilla may be a side-effect of a bigger security/RBAC approach that is not consistent accross the Satellite in a multi-organisation deployment.
Because rights are not properly assigned based on their roles to a user, it shows explicitly that it generates security issues. Some are listed in this BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1886594

But deep down, it seems related to inconsistencies on the RBAC approach.

Those issues (this BZ or the one linked) is still occuring in Satellite 6.8, and so far nothing indicates that release 6.9 would fix anything on this matter.
So not fixing this BZ is fine, as long as some deep rework is done on the RBAC model, as currently, it looks as beeing deeply flawed.
Comment 21 Mike McCune 2021-04-13 17:40:03 UTC 
Thank you for your interest in Satellite 6. We have evaluated this request, and while we recognize that it is a valid request, we do not expect this to be implemented in the product in the foreseeable future. This is due to other priorities for the product, and not a reflection on the request itself. We are therefore closing this out as WONTFIX. If you have any concerns about this, please do not reopen. Instead, feel free to contact your Red Hat Account Team. Thank you.
Note You need to log in before you can comment on or make changes to this bug.