Bug 1664540 - UserRole cannot Change CD on VM Portal
Summary: UserRole cannot Change CD on VM Portal
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine
Version: 4.2.7
Hardware: x86_64
OS: Linux
medium
low
Target Milestone: ovirt-4.3.1
: 4.3.0
Assignee: Scott Dickerson
QA Contact: samuel macko
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-01-09 05:29 UTC by Germano Veit Michel
Modified: 2020-08-03 15:26 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
A user with a UserRole or a role with a Change CD permit can now change CDs on running VMs in the VM Portal
Clone Of:
Environment:
Last Closed: 2019-05-08 12:39:09 UTC
oVirt Team: UX
Target Upstream Version:
lsvaty: testing_plan_complete-

Attachments (Terms of Use)
VM detail (29.83 KB, image/png)
2019-01-29 08:47 UTC, Lucie Leistnerova 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Github oVirt ovirt-web-ui issues 954 0 None closed UserRole cannot Change CD on VM Portal 2020-09-08 12:10:44 UTC
Github oVirt ovirt-web-ui pull 952 0 None closed Allow users without edit VM permissions to change a running VM's CD 2020-09-08 12:10:44 UTC
Red Hat Knowledge Base (Solution) 3799881 0 None None None 2019-01-11 04:18:21 UTC
Red Hat Product Errata RHEA-2019:1085 0 None None None 2019-05-08 12:39:19 UTC

Description Germano Veit Michel 2019-01-09 05:29:05 UTC 
Description of problem:

The UserRole has Basic Operations->Change CD permissions by default. But in the VM Portal to change the CD the user must click in 'Edit' and this is disabled for the UserRole as it does not have permissions to edit the VM.

Version-Release number of selected component (if applicable):
- Customer in 4.2 (secure env)
- Reproduced with upstream 4.3.0-0.3.alpha2.20181205141057.el7

How reproducible:
100%

Steps to Reproduce:
1. Login to VM Portal with UserRole to a VM
2. Try to Change CD

Actual results:
Edit button is grayed out

Expected results:
Edit button is available to change CD, or change CD from somewhere else within the UI.
Comment 5 RHV bug bot 2019-01-15 23:34:57 UTC 
WARN: Bug status wasn't changed from MODIFIED to ON_QA due to the following reason:

[Found non-acked flags: '{'rhevm-4.3-ga': '?'}', ]

For more info please contact: rhv-devops@redhat.comINFO: Bug status wasn't changed from MODIFIED to ON_QA due to the following reason:

[Found non-acked flags: '{'rhevm-4.3-ga': '?'}', ]

For more info please contact: rhv-devops@redhat.com
Comment 6 Lucie Leistnerova 2019-01-29 08:46:54 UTC 
User with UserRole or role with permit 'Change CD' on the running VM can't still change CD. See attachment.

engine log contains:
2019-01-29 09:31:08,832+01 ERROR [org.ovirt.engine.core.bll.GetPermissionsForObjectQuery] (default task-58) [4e1a663a-ef9e-4a21-999c-139989bb53ef] Query execution failed due to insufficient permissions.
2019-01-29 09:31:08,834+01 ERROR [org.ovirt.engine.api.restapi.resource.AbstractBackendResource] (default task-58) [] Operation Failed: query execution failed due to insufficient permissions.
when going to VM detail.

browser console shows "permits":["edit_profile","login","change_vm_cd"] in UPDATE_VMS

tested in ovirt-web-ui-1.5.0-1.el7ev.noarch with ovirt-engine-4.3.0-0.8.rc2.el7.noarch
Comment 7 Lucie Leistnerova 2019-01-29 08:47:27 UTC 
Created attachment 1524486 [details]
VM detail
Comment 9 Laura Wright 2019-01-31 16:38:53 UTC 
Here is a link to the design document that features a couple different design options. I'm partial to the third option in the doc. https://docs.google.com/document/d/1bDfsIf9UPuEJyxwTmoPs4iAZ6bQ2kd-Kv6TbHCeisxk/edit?usp=sharing
Comment 10 Scott Dickerson 2019-02-07 21:08:46 UTC 
Update the Details card so "normal" users can edit the CD.  I needed to update the "editVm" saga as well to support only changing the current CD.  All other change CD operations requires edit VM permissions.

PR: https://github.com/oVirt/ovirt-web-ui/pull/952
Comment 12 RHV bug bot 2019-02-21 17:26:01 UTC 
INFO: Bug status (ON_QA) wasn't changed but the folowing should be fixed:

[No relevant external trackers attached]

For more info please contact: rhv-devops@redhat.com
Comment 13 samuel macko 2019-03-04 11:22:24 UTC 
Verified on ovirt-engine-4.3.1.1-0.1.el7.noarch.
Verified by following the reproducer.
Comment 21 errata-xmlrpc 2019-05-08 12:39:09 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2019:1085
Comment 22 Daniel Gur 2019-08-28 13:13:01 UTC 
sync2jira
Comment 23 Daniel Gur 2019-08-28 13:17:14 UTC 
sync2jira
Note You need to log in before you can comment on or make changes to this bug.