Bug 2018234 - user settings are saved in local storage instead of on cluster
Summary: user settings are saved in local storage instead of on cluster
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Dev Console
Version: 4.8
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 4.10.0
Assignee: Christoph Jerolimov
QA Contact: spathak@redhat.com
URL:
Whiteboard:
Depends On:
Blocks: 2038607
TreeView+ depends on / blocked
 
Reported: 2021-10-28 14:58 UTC by cvogt
Modified: 2022-03-10 16:23 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
* Before this update, users with restricted access could not access their config map in a shared namespace to save their user settings on a cluster and load them in another browser or machine. As a result, user preferences such as pinned navigation items were only saved in the local browser storage and not shared between multiple browsers. This update resolves the issue: The web console Operator automatically creates RBAC rules so that each user can save these settings to a config map in a shared namespace and more easily switch between browsers. (link:https://bugzilla.redhat.com/show_bug.cgi?id=2018234[BZ#2018234])
Clone Of:
: 2038607 (view as bug list)
Environment:
Last Closed: 2022-03-10 16:22:54 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift console pull 10705 0 None open [WIP] Bug 2018234: Fix user settings for normal users 2021-12-20 17:58:29 UTC
Red Hat Product Errata RHSA-2022:0056 0 None None None 2022-03-10 16:23:10 UTC

Description cvogt 2021-10-28 14:58:44 UTC
Description of problem:
User settings are not getting saved on the cluster in the user-settings config map. Instead they are being saved in local storage.


Version-Release number of selected component (if applicable):
Observed on dev sandbox 4.8.15
Also reproducible on 4.10 dev clusters


How reproducible:


Steps to Reproduce:
1. log in as a non-admin user
2. navigate to a page which deals with user settings such as topology
3. inspect the network traffic with web inspector

Actual results:
403 error attempting to fetch the user settings config map
user settings are stored in local storage

Expected results:
fetching the config map should be successful
user settings should be stored in the user-settings config map


Additional info:

Comment 1 Christoph Jerolimov 2021-10-28 18:43:42 UTC
Network communication on a local cluster (http):

GET .../api/kubernetes/api/v1/namespaces/openshift-console-user-settings/configmaps/user-settings-185287fc-0957-4422-b3ea-df5e03046d78
returns 404

POST .../api/console/user-settings (3 times)

WATCH ws://.../api/kubernetes/api/v1/namespaces/openshift-console-user-settings/configmaps?watch=true&fieldSelector=metadata.name%3Duser-settings-185287fc-0957-4422-b3ea-df5e03046d78

PATCH .../api/kubernetes/api/v1/namespaces/openshift-console-user-settings/configmaps/user-settings-185287fc-0957-4422-b3ea-df5e03046d78
PATCH ...
PATCH ...
PATCH ...

But on sandbox (with https) I could not see the first GET call. Instead it starts directly with these wss:// WATCH calls. That might be the reason why the POST call to create the ConfigMap, Role and RoleBinding is not called.

Comment 2 Christoph Jerolimov 2021-10-28 18:48:32 UTC
But calling the API manually (with valid tokens copied from chrome) doesn't work:


curl -vs -X GET 'https://...sandbox.../api/console/user-settings'
...
< HTTP/1.1 404 Not Found
...
{"error":"Failed to get user settings: configmaps \"user-settings-b007bab6-9b47-4685-9f1b-59d54905bd3c\" not found"}


curl -vs -X POST 'https://...sandbox.../api/console/user-settings'
...
< HTTP/1.1 403 Forbidden
< content-length: 0
...
%

Comment 5 Christoph Jerolimov 2022-01-18 10:52:41 UTC
Verified on 4.10.0-0.ci-2022-01-18-093446

Comment 10 errata-xmlrpc 2022-03-10 16:22:54 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056


Note You need to log in before you can comment on or make changes to this bug.