Bug 2158508 - Permission denied on Ansible part of host page when usergroup of user have administrator role
Summary: Permission denied on Ansible part of host page when usergroup of user have ad...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: Ansible - Configuration Management
Version: 6.12.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: 6.13.0
Assignee: nalfassi
QA Contact: addubey
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-01-05 15:37 UTC by Jan Jansky
Modified: 2023-05-03 13:24 UTC (History)
4 users (show)

Fixed In Version: rubygem-foreman_ansible-10.4.0
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-05-03 13:24:04 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Foreman Issue Tracker 35994 0 Normal New Permission denied on Ansible part of host page when usergroup of user have administrator role 2023-01-25 13:18:08 UTC
Red Hat Issue Tracker SAT-15826 0 None None None 2023-02-12 09:53:58 UTC
Red Hat Product Errata RHSA-2023:2097 0 None None None 2023-05-03 13:24:26 UTC

Description Jan Jansky 2023-01-05 15:37:20 UTC 
Description of problem:
With user which is non-admin but it is in usergroup which should give him administrator role is possible to access lot of pages, but on

WebUI -> Hosts -> select host -> Ansible

is shown below

Permission denied
You are not authorized to view the page. Request the following permissions from administrator: view_ansible_roles.


Version-Release number of selected component (if applicable):
satellite-6.12.0-4.el8sat.noarch


How reproducible:
Always

Steps to Reproduce:
1. Create user with non-admin (in my case ldap based)
2. Create usergroup with administrator role (in my case ldap based)
3. As user from (1) log in and try to access
WebUI -> Hosts -> select host -> Ansible

Actual results:
Permission denied
You are not authorized to view the page. Request the following permissions from administrator: view_ansible_roles.

Expected results:
See Ansible page as user should be administrator due to usergroup

Additional info:
Reproducer ready
Comment 3 nalfassi 2023-01-25 13:18:06 UTC 
Created redmine issue https://projects.theforeman.org/issues/35994 from this bug
Comment 4 Bryan Kearney 2023-02-05 16:03:03 UTC 
Moving this bug to POST for triage into Satellite since the upstream issue https://projects.theforeman.org/issues/35994 has been resolved.
Comment 10 errata-xmlrpc 2023-05-03 13:24:04 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Satellite 6.13 Release), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:2097
Note You need to log in before you can comment on or make changes to this bug.