Bug 2048541 - incorrect rbac check for install operator quick starts
Summary: incorrect rbac check for install operator quick starts
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Dev Console
Version: 4.10
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 4.11.0
Assignee: Debsmita Santra
QA Contact: spathak@redhat.com
Depends On:
Blocks: 2054535
TreeView+ depends on / blocked
Reported: 2022-01-31 13:23 UTC by Debsmita Santra
Modified: 2022-08-10 10:46 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Last Closed: 2022-08-10 10:45:53 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github openshift console-operator pull 634 0 None open ODF quickstart permissions check 2022-01-31 13:23:25 UTC
Red Hat Product Errata RHSA-2022:5069 0 None None None 2022-08-10 10:46:22 UTC

Description Debsmita Santra 2022-01-31 13:23:25 UTC
Description of problem:
There are several `install operator` quick starts present in the console/operator github: https://github.com/openshift/console-operator/tree/master/quickstarts

The current checks look like:

  - group: operators.coreos.com
    resource: operatorgroups
    verb: list
  - group: packages.operators.coreos.com
    resource: packagemanifests
    verb: list
The checks also include the ability to create a Subscription.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Login as non kubeadmin user
2. Click on help `?` on the top-right
3. Select quick starts

Actual results:
Users without the ability to install an operator can see the install quick starts.

Expected results:
only admins with the access to install an operator should see the `install-serverless` quick star and other quick starts like it

Additional info:

Comment 3 Mohammed Saud 2022-02-17 12:18:55 UTC
Verified on:
Build:   4.11.0-0.nightly-2022-02-16-131355
Browser: Firefox 97

Comment 6 errata-xmlrpc 2022-08-10 10:45:53 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: OpenShift Container Platform 4.11.0 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.