Created attachment 1879844 [details] create VM error screenshot Description of problem: a non-priv user can not create a VM if 'all-namespaces' is selected as namespace. Version-Release number of selected component (if applicable): How reproducible: 100% Steps to Reproduce: 1. login as non-priv user and navigate to Virtualization -> Catalog 2. select any template (make sure no namespace is selected) 3. click on "Customize VirtualMachine" 4. click on "Review and create Virtual Machine" 5. get following error: Create VirtualMachine error processedtemplates.template.openshift.io is forbidden: User "test" cannot create resource "processedtemplates" in API group "template.openshift.io" in the namespace "default" Actual results: since no namespace was selected, we assign the namespace "default" to our process request, as non-priv user has no permission to process a template in that namespace we fail Expected results: we want to alert the user that there is no namespace selected, and should not allowed to continue with the create VM process Additional info:
Verified on CNV-v4.11.0-423/OCP-v4.11.0-36. When logged as non-pruv user, there's no "all-namespaces" option, therefore the user has to select or create project
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: OpenShift Virtualization 4.11.0 Images security and bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:6526