Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1922134

Summary: User with viewer role can see "Create Content View" button
Product: Red Hat Satellite Reporter: Anand Agrawal <aagrawal>
Component: Content ViewsAssignee: Samir Jha <sajha>
Status: CLOSED ERRATA QA Contact: Lai <ltran>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.9.0CC: juwatts, paji, sajha, vijsingh, zhunting
Target Milestone: 6.9.0Keywords: Regression, Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: tfm-rubygem-katello-3.18.1.5-1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-04-21 13:10:30 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1922171, 1922174, 1925172    
Attachments:
Description Flags
viewer role - content views - shows create button none

Description Anand Agrawal 2021-01-29 10:29:12 UTC 
Description of problem:
Non-admin user with viewer role can see "Create Content View" button.

Version-Release number of selected component (if applicable):

6.9
How reproducible:

Always
Steps to Reproduce:
1. Create a non-admin user with 'viewer' role.
2. Login with above non admin role.
3. Goto Content -> Content View, You will see "Create Content View"
4. While adding the details for new CV and clicking Submit, doesn't do anything. No error message as well

Actual results:
'Create Content View' is visible but unable to create content view

Expected results:

'Create Content View' shouldn't be visible.

Additional info:
Comment 1 Brad Buckingham 2021-02-04 12:32:28 UTC 
Created attachment 1755052 [details]
viewer role - content views - shows create button
Comment 2 Anand Agrawal 2021-02-04 14:05:27 UTC 
Same behaviour is observed in 

Content -> Content Credentials -> We can see Create Content Credentials -> Enter Details -> Click Submit. It shows Content Credential created successfully. But it doesn't create credential
Comment 3 Samir Jha 2021-02-09 00:20:16 UTC 
Created redmine issue http://projects.theforeman.org/issues/31839 from this bug
Comment 4 Partha Aji 2021-02-09 22:10:04 UTC 
*** Bug 1922174 has been marked as a duplicate of this bug. ***
Comment 5 Partha Aji 2021-02-09 22:12:21 UTC 
Marked https://bugzilla.redhat.com/show_bug.cgi?id=1922174 as a duplicate because the fix for this fixes that. The scenarios look slightly different so feel free to test the scenario in https://bugzilla.redhat.com/show_bug.cgi?id=1922174
Comment 6 Bryan Kearney 2021-02-10 00:05:54 UTC 
Moving this bug to POST for triage into Satellite since the upstream issue https://projects.theforeman.org/issues/31839 has been resolved.
Comment 7 Partha Aji 2021-02-10 16:49:50 UTC 
*** Bug 1922118 has been marked as a duplicate of this bug. ***
Comment 8 Partha Aji 2021-02-10 16:51:19 UTC 
(In reply to Partha Aji from comment #5)
> Marked https://bugzilla.redhat.com/show_bug.cgi?id=1922174 as a duplicate
> because the fix for this fixes that. The scenarios look slightly different
> so feel free to test the scenario in
> https://bugzilla.redhat.com/show_bug.cgi?id=1922174

Same with https://bugzilla.redhat.com/show_bug.cgi?id=1922118
Comment 9 Jonathon Turel 2021-02-10 17:14:05 UTC 
*** Bug 1922171 has been marked as a duplicate of this bug. ***
Comment 10 Partha Aji 2021-02-10 18:56:44 UTC 
*** Bug 1922111 has been marked as a duplicate of this bug. ***
Comment 11 Samir Jha 2021-02-11 18:08:38 UTC 
*** Bug 1922145 has been marked as a duplicate of this bug. ***
Comment 12 Brad Buckingham 2021-02-16 14:32:39 UTC 
*** Bug 1922140 has been marked as a duplicate of this bug. ***
Comment 13 Brad Buckingham 2021-02-16 14:33:39 UTC 
QE, when verifying this bugzilla, please also verify all associated duplicate bugzillas are resolve.  Each one documents a similar but different scenario that appears to be due to the same root cause.
Comment 15 Lai 2021-02-22 18:56:03 UTC 
Steps to retest:

1. Create a non-admin user with 'viewer' role.
2. Login with above non admin role.
3. Goto Content -> Content View
4. Verify that "Create New View" button is not present

Expected:
"Create New View" button should not be shown

Actual:
"Create New View" button is not shown.


Additional Note:
I've checked with "Create New Activation Key", "Create Product", "Repo Discovery", "Create Host Collection", and verify that the user cannot resume, cancel, or perform any tasks in the Tasks page because the "operation" column is not populated with anything.  I've also verify that drilling into the activation key, host collection, and product and repo details page does not have any angular code present.

Verified on 6.9.0_014
Comment 18 errata-xmlrpc 2021-04-21 13:10:30 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: Satellite 6.9 Release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:1313