Bug 1871109 - [v2v] Error messages when trying to do import while not having permissions for it are wrong
Summary: [v2v] Error messages when trying to do import while not having permissions fo...
Keywords:
Status: CLOSED DUPLICATE of bug 1881386
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Console Kubevirt Plugin
Version: 4.5
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 4.6.0
Assignee: Ido Rosenzwig
QA Contact: Ilanit Stein
Avital Pinnick
URL:
Whiteboard: v2v, ux_issue
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-08-21 11:03 UTC by Tomas Jelinek
Modified: 2020-11-18 16:05 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-10-04 11:58:11 UTC
Target Upstream Version:


Attachments (Terms of Use)
v2v non-admin user permissions error (83.48 KB, image/png)
2020-08-25 12:55 UTC, Ido Rosenzwig
no flags Details


Links
System ID Private Priority Status Summary Last Updated
Github openshift console pull 6437 0 None closed bug 1871109: Add a user friendly error message in VM import wizard 2021-02-03 05:56:34 UTC

Description Tomas Jelinek 2020-08-21 11:03:48 UTC
Description of problem:

Go to the import VM wizard while being a non admin user. The VMware provider will complain that:

"
Could not load ConfigMap vmware-to-kubevirt-os in kube-public namespace
Restricted Access: configmaps "vmware-to-kubevirt-os" is forbidden: User "tjelinek@redhat.com" cannot get resource "configmaps" in API group "" in the namespace "kube-public"
"

which is not a nice way to communicate it and the RHV provider will say nothing, only will hang forever in the "Starting Red Hat Virtualization (RHV) controller"

The errors should actually tell the user what is wrong.

Comment 1 Tomas Jelinek 2020-08-21 11:30:16 UTC
The UI should check if the user is allowed to read the v2v-vmware configmap in openshift-cnv or kubevirt-hyperconverged namespace before trying to deploy the controller. If it is not able to read that, it should show a warning, that this namespaces are not available and you should contact the administrator to give you access to them.

Comment 2 Ido Rosenzwig 2020-08-25 12:55:11 UTC
the ability to read the v2v-vmware configmap from one of these two namespaces is a result of lack of the user's permissions.
beside the access permissions to these namespaces the user should have other permissions in a cluster level to be able to import a VM from a provider.
Thus, the error message should be: 'You don't have permissions to import a VM, please contact your administrator'.

In addition, the set of permissions that are missing appear in the bottom, do we want to show it as it is now or do we want to parse it and presented elegantly?
The error is attached.

Comment 3 Ido Rosenzwig 2020-08-25 12:55:58 UTC
Created attachment 1712534 [details]
v2v non-admin user permissions error

Comment 6 Ilanit Stein 2020-10-04 11:58:11 UTC
According to documentation bug 1872318 the import will work only for an admin user. 
The option to import will be hidden for non admin user: https://bugzilla.redhat.com/show_bug.cgi?id=1881386 (change OCP-4.6).

Based on the above this bug cannot be verified, therefore, closing the bug.

*** This bug has been marked as a duplicate of bug 1881386 ***


Note You need to log in before you can comment on or make changes to this bug.