Bug 1812506
| Summary: | RBAC check incorrect for Home -> Overview nav item | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Samuel Padgett <spadgett> |
| Component: | Management Console | Assignee: | Samuel Padgett <spadgett> |
| Status: | CLOSED ERRATA | QA Contact: | Yadan Pei <yapei> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 4.4 | CC: | aos-bugs, jokerman, xiaocwan, yapei |
| Target Milestone: | --- | ||
| Target Release: | 4.4.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: |
Previously, the Home -> Overview nav item would be hidden from users who could not list namespaces, but otherwise had authority to see metrics. The nav item now appears for all users who have authority to see cluster metrics.
|
Story Points: | --- |
| Clone Of: | 1811757 | Environment: |
Version: 4.4.0-0.ci-2020-03-09-103610
Cluster ID: 409bf8c6-8338-44de-92aa-694c2b61aa26
Browser: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:73.0) Gecko/20100101 Firefox/73.0
|
| Last Closed: | 2020-05-04 11:45:48 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1811757 | ||
| Bug Blocks: | |||
Response:
{
"kind": "SelfSubjectAccessReview",
"apiVersion": "authorization.k8s.io/v1",
"metadata": {
"creationTimestamp": null
},
"spec": {
"resourceAttributes": {
"verb": "get",
"resource": "namespaces"
}
},
"status": {
"allowed": true,
"reason": "RBAC: allowed by ClusterRoleBinding \"cluster-admins\" of ClusterRole \"cluster-admin\" to Group \"system:cluster-admins\""
}
}
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:0581 |
Now this request is as expect: POST request "api/kubernetes/apis/authorization.k8s.io/v1/selfsubjectaccessreviews" with payload {"spec":{"resourceAttributes":{"resource":"namespaces","verb":"get"}},"metadata":{}} Could "get" namespaces from server. Verified on 4.4.0-0.nightly-2020-03-15-215151