Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1763893

Summary: [RFE] Implement impersonate feature for easier debugging
Product: Red Hat Satellite Reporter: Bryan Kearney <bkearney>
Component: Users & RolesAssignee: Ondřej Pražák <oprazak>
Status: CLOSED ERRATA QA Contact: Roman Plevka <rplevka>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.4CC: dsinglet, inecas, mawerner, mhulan, oprazak, pcreech, pstehlik, rplevka, sokeeffe, sshtein, vgrosu
Target Milestone: 6.7.0Keywords: FutureFeature
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Known Issue
Doc Text:
During an impersonation session, a user with administrator privileges for Satellite can impersonate another user with administrator privileges and can perform all actions that an administrator performs including creating and deleting other users with administrative privileges.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2020-04-14 13:26:02 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
impersonate and delete self none

Description Bryan Kearney 2019-10-21 20:27:44 UTC 
Administrator should be able to look at how the app works under different user account without knowing their password. In user list, we can add a new "Impersonate" button that switches the account. User should see that the "impersonate" session is active in top bar end then just cancel it, restoring original user session. The impersonation should be logger as well as create an audit.
Comment 1 Bryan Kearney 2019-10-21 20:27:46 UTC 
Created from redmine issue https://projects.theforeman.org/issues/26003
Comment 2 Bryan Kearney 2019-10-21 20:27:48 UTC 
Upstream bug assigned to oprazak
Comment 4 Bryan Kearney 2019-10-21 22:01:23 UTC 
Moving this bug to POST for triage into Satellite 6 since the upstream issue https://projects.theforeman.org/issues/26003 has been resolved.
Comment 8 Roman Plevka 2020-01-27 16:44:48 UTC 
I had 2 admin users.
as admin I impersonated admin2.
Then, as admin2 i was able to delete admin.

I don't think we want to allow this - do we?
Comment 9 Roman Plevka 2020-01-27 16:46:07 UTC 
please, provide a proper documentation of the feature, what are the expected outcomes with scenarios similar to the one described in Comment #8?
Comment 10 Roman Plevka 2020-01-27 16:53:06 UTC 
Created attachment 1655719 [details]
impersonate and delete self
Comment 11 Vlada Grosu 2020-01-27 17:30:54 UTC 
(In reply to Roman Plevka from comment #9)
> please, provide a proper documentation of the feature,

Hi Roman,

The product documentation changes are tracked in BZ#1778825, where I created a new procedure 'Impersonating a Different User Account' in the Administering Red Hat Satellite guide (for Satellite 6.7). The procedure is based on the scenario described in the Aha card: "As an admin user I can impersonate another user".

It is stated in the procedure that "Administrators can impersonate other authenticated users for testing and troubleshooting purposes". The situation you are describing in Comment #8 is indeed worrying, while the feature behaviour extends beyond 'testing and troubleshooting purposes'.
I agree with your assessment, this is not a scenario that we want to allow. However, I also believe that a programmatic solution to prevent this behaviour from occurring must be implemented.
What do you think?



> what are the expected
> outcomes with scenarios similar to the one described in Comment #8?

I will speak with our Content Strategists and Docs Program Manager to define the correct expectation for Comment #8 from a documentation point of view. I will update the ticket once I have more information.

Thank you.
Kind regards,
Vlada
Comment 13 Ondřej Pražák 2020-01-28 07:27:16 UTC 
Connecting redmine issue https://projects.theforeman.org/issues/28867 from this bug
Comment 14 Ondřej Pražák 2020-01-28 07:28:25 UTC 
I agree we probably do not want to allow scenario described in comment #8.
Comment 25 errata-xmlrpc 2020-04-14 13:26:02 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:1454