This service will be undergoing maintenance at 00:00 UTC, 2016-09-28. It is expected to last about 1 hours
Bug 339121 - Permission Error for SDC Kickstart Tab
Permission Error for SDC Kickstart Tab
Status: CLOSED CURRENTRELEASE
Product: Red Hat Network
Classification: Red Hat
Component: RHN/Web Site (Show other bugs)
rhn500
All Linux
low Severity low
: ---
: ---
Assigned To: Sebastian Skracic
Red Hat Satellite QA List
https://rhn.webqa.redhat.com/rhn/syst...
US=28874
:
Depends On:
Blocks: 450300
  Show dependency treegraph
 
Reported: 2007-10-18 23:47 EDT by Máirín Duffy
Modified: 2013-01-10 05:20 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-09-25 09:03:13 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Máirín Duffy 2007-10-18 23:47:36 EDT
Description of problem:

https://rhn.webqa.redhat.com/rhn/systems/details/kickstart/ScheduleWizard.do?sid=1007659714

This isn't an issue for org admins. But it is an issue for system group admins.
Here are the steps to reproduce:

1) log into a corporate account as an org admin.
2) create a non org admin user.
3) create a system group.
4) add your non org admin user to the system group as an admin in the admin tab.
5) add a system with provisioning entitlements to the system group.
6) log out as org admin. log in as your newly-created non-org admin group admin.
7) go to the system you added to the system group.
8) click on the provisioning tab. you'll get a permission error. 

How reproducible:

Very. More details in a private comment following this.
Comment 2 Máirín Duffy 2007-10-19 13:08:37 EDT
Forgot to mention, this bug does not affect Satellite only hosted.
Comment 3 Grant Gainey 2008-06-04 14:30:51 EDT
OK - this happens because the action's security currently requires the user to
be a config-admin to access provisioning.  That doesn't make a lot of sense in
this context, and so that protection should be removed.

Workaround is to give the user config-admin - although that may give that user
more access than the customer wants.
Comment 4 Sebastian Skracic 2008-06-24 09:08:05 EDT
Fixed in r118829.

Note You need to log in before you can comment on or make changes to this bug.