Bug 1664540 - UserRole cannot Change CD on VM Portal
Summary: UserRole cannot Change CD on VM Portal
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine
Version: 4.2.7
Hardware: x86_64
OS: Linux
Target Milestone: ovirt-4.3.1
: 4.3.0
Assignee: Scott Dickerson
QA Contact: samuel macko
Depends On:
TreeView+ depends on / blocked
Reported: 2019-01-09 05:29 UTC by Germano Veit Michel
Modified: 2020-08-03 15:26 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
A user with a UserRole or a role with a Change CD permit can now change CDs on running VMs in the VM Portal
Clone Of:
Last Closed: 2019-05-08 12:39:09 UTC
oVirt Team: UX
Target Upstream Version:
lsvaty: testing_plan_complete-

Attachments (Terms of Use)
VM detail (29.83 KB, image/png)
2019-01-29 08:47 UTC, Lucie Leistnerova
no flags Details

System ID Private Priority Status Summary Last Updated
Github oVirt ovirt-web-ui issues 954 0 None closed UserRole cannot Change CD on VM Portal 2020-09-08 12:10:44 UTC
Github oVirt ovirt-web-ui pull 952 0 None closed Allow users without edit VM permissions to change a running VM's CD 2020-09-08 12:10:44 UTC
Red Hat Knowledge Base (Solution) 3799881 0 None None None 2019-01-11 04:18:21 UTC
Red Hat Product Errata RHEA-2019:1085 0 None None None 2019-05-08 12:39:19 UTC

Description Germano Veit Michel 2019-01-09 05:29:05 UTC
Description of problem:

The UserRole has Basic Operations->Change CD permissions by default. But in the VM Portal to change the CD the user must click in 'Edit' and this is disabled for the UserRole as it does not have permissions to edit the VM.

Version-Release number of selected component (if applicable):
- Customer in 4.2 (secure env)
- Reproduced with upstream 4.3.0-0.3.alpha2.20181205141057.el7

How reproducible:

Steps to Reproduce:
1. Login to VM Portal with UserRole to a VM
2. Try to Change CD

Actual results:
Edit button is grayed out

Expected results:
Edit button is available to change CD, or change CD from somewhere else within the UI.

Comment 5 RHV bug bot 2019-01-15 23:34:57 UTC
WARN: Bug status wasn't changed from MODIFIED to ON_QA due to the following reason:

[Found non-acked flags: '{'rhevm-4.3-ga': '?'}', ]

For more info please contact: rhv-devops@redhat.comINFO: Bug status wasn't changed from MODIFIED to ON_QA due to the following reason:

[Found non-acked flags: '{'rhevm-4.3-ga': '?'}', ]

For more info please contact: rhv-devops@redhat.com

Comment 6 Lucie Leistnerova 2019-01-29 08:46:54 UTC
User with UserRole or role with permit 'Change CD' on the running VM can't still change CD. See attachment.

engine log contains:
2019-01-29 09:31:08,832+01 ERROR [org.ovirt.engine.core.bll.GetPermissionsForObjectQuery] (default task-58) [4e1a663a-ef9e-4a21-999c-139989bb53ef] Query execution failed due to insufficient permissions.
2019-01-29 09:31:08,834+01 ERROR [org.ovirt.engine.api.restapi.resource.AbstractBackendResource] (default task-58) [] Operation Failed: query execution failed due to insufficient permissions.
when going to VM detail.

browser console shows "permits":["edit_profile","login","change_vm_cd"] in UPDATE_VMS

tested in ovirt-web-ui-1.5.0-1.el7ev.noarch with ovirt-engine-4.3.0-0.8.rc2.el7.noarch

Comment 7 Lucie Leistnerova 2019-01-29 08:47:27 UTC
Created attachment 1524486 [details]
VM detail

Comment 9 Laura Wright 2019-01-31 16:38:53 UTC
Here is a link to the design document that features a couple different design options. I'm partial to the third option in the doc. https://docs.google.com/document/d/1bDfsIf9UPuEJyxwTmoPs4iAZ6bQ2kd-Kv6TbHCeisxk/edit?usp=sharing

Comment 10 Scott Dickerson 2019-02-07 21:08:46 UTC
Update the Details card so "normal" users can edit the CD.  I needed to update the "editVm" saga as well to support only changing the current CD.  All other change CD operations requires edit VM permissions.

PR: https://github.com/oVirt/ovirt-web-ui/pull/952

Comment 12 RHV bug bot 2019-02-21 17:26:01 UTC
INFO: Bug status (ON_QA) wasn't changed but the folowing should be fixed:

[No relevant external trackers attached]

For more info please contact: rhv-devops@redhat.com

Comment 13 samuel macko 2019-03-04 11:22:24 UTC
Verified on ovirt-engine-
Verified by following the reproducer.

Comment 21 errata-xmlrpc 2019-05-08 12:39:09 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Comment 22 Daniel Gur 2019-08-28 13:13:01 UTC

Comment 23 Daniel Gur 2019-08-28 13:17:14 UTC

Note You need to log in before you can comment on or make changes to this bug.