Bugzilla will be upgraded to version 5.0 on December 2, 2018. The outage period for the upgrade will start at 0:00 UTC and have a duration of 12 hours
Bug 611760 - User assigned to a role having only manage bundles permissions is not able to see any content.
User assigned to a role having only manage bundles permissions is not able to...
Status: CLOSED CURRENTRELEASE
Product: RHQ Project
Classification: Other
Component: Provisioning (Show other bugs)
3.0.0
All All
urgent Severity medium (vote)
: ---
: ---
Assigned To: Ian Springer
Sunil Kondkar
:
Depends On:
Blocks: jon24-provisioning
  Show dependency treegraph
 
Reported: 2010-07-06 08:31 EDT by Sunil Kondkar
Modified: 2013-08-05 20:37 EDT (History)
2 users (show)

See Also:
Fixed In Version: 2.4
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-08-12 12:46:30 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Sunil Kondkar 2010-07-06 08:31:26 EDT
Description of problem:

If a role has only 'Manage bundles' permission, user assigned to this role is not able to see the link Administrator->Content after login to jon.

Version-Release number of selected component (if applicable):
jon-2.4.0.GA_QA

How reproducible:
always

Steps to Reproduce:

1. Go to Administration->Security->Roles
2. Click on button 'New' to create a new role.
3. Enter a role name and check the check box 'Manage bundles' in 'Global Permissions' section.
4. Do not check any other checkbox.
5. Click on OK button.
5. Create a new user(testuser) and add user to the role created in step #4.
6. Login to jon with the user(testuser)
7. Try to acess Administrator->Content->Bundles link.
  
Actual results:
User is not able to see the link Administrator->Content 

Expected results:
User should be able to see the Content page and manage the bundles.

Additional info:
If a role has 'Manage inventory' permission and 'Manage bundles' permission, a user assigned to that role is able to access Administrator->Content->Bundles link.
Comment 1 Ian Springer 2010-07-07 19:00:06 EDT
Fixed by commit 074d5c2, which has been pushed to the release-3.0.0 branch.

Now a user with the Bundle perm can view Content>Bundles menu item, but a user with the Inventory perm and not the Bundle perm cannot.

Here's the relevant blurb from menu.xhtml:

        <ui:remove>***** Administration > CONTENT *****</ui:remove>
        <rich:menuGroup value="Content" rendered="#{GlobalPermissionsUIBean.inventory || GlobalPermissionsUIBean.bundle}">
            <rich:menuItem submitMode="none" onclick="window.location = '/coregui/CoreGUI.html#Bundles'"
                           rendered="#{GlobalPermissionsUIBean.bundle}">
                <h:outputText value="Bundles"/>
            </rich:menuItem>
            <rich:menuItem submitMode="none" onclick="window.location = '/rhq/content/listContentProviders.xhtml'"
                           rendered="#{GlobalPermissionsUIBean.inventory}">
                <h:outputText value="Content Sources"/>
            </rich:menuItem>
            <rich:menuItem submitMode="none" onclick="window.location = '/rhq/content/listRepos.xhtml'"
                           rendered="#{GlobalPermissionsUIBean.inventory}">
                <h:outputText value="Repositories"/>
            </rich:menuItem>
        </rich:menuGroup>
Comment 2 Sunil Kondkar 2010-07-08 05:48:57 EDT
Verified on jon-2.4.0.GA_QA build#52

User assigned to a role having only manage bundles permissions is able to access Content>Bundles. A a user having the Inventory permission and without the Bundle permission cannot access Content>Bundles.
Comment 3 Corey Welton 2010-08-12 12:46:30 EDT
Mass-closure of verified bugs against JON.

Note You need to log in before you can comment on or make changes to this bug.