This service will be undergoing maintenance at 00:00 UTC, 2016-08-01. It is expected to last about 1 hours
Bug 643006 - Resource tree nodes display right click menu option 'Resource Configuration' as enabled for a user without configure_read permission
Resource tree nodes display right click menu option 'Resource Configuration' ...
Status: CLOSED CURRENTRELEASE
Product: RHQ Project
Classification: Other
Component: Core UI (Show other bugs)
4.0.0
All Linux
low Severity medium (vote)
: ---
: ---
Assigned To: Jay Shaughnessy
Corey Welton
:
Depends On:
Blocks: rhq4 gwt-tree
  Show dependency treegraph
 
Reported: 2010-10-14 08:56 EDT by Sunil Kondkar
Modified: 2011-05-23 21:17 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Sunil Kondkar 2010-10-14 08:56:52 EDT
Description of problem:

If user does not have 'Configure-read' permissions for resources, the 'Resource Configuration' menu item should be disabled in the right click menu for the resource. At present it is enabled. Clicking on the 'Resource Configuration' menu option displays below error in the server log:

ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/coregui]] Exception while dispatching incoming RPC call
com.google.gwt.user.server.rpc.UnexpectedException: Service method 'public abstract org.rhq.core.domain.configuration.Configuration org.rhq.enterprise.gui.coregui.client.gwt.ConfigurationGWTService.getResourceConfiguration(int)' threw an unexpected exception: java.lang.RuntimeException: org.rhq.enterprise.server.authz.PermissionException:User [testuser] does not have permission to view resource configuration for [Resource[id=10002, type=RHQ Agent, key=RHQ Agent, name=RHQ Agent, parent=sunillaptop, version=4.0.0-SNAPSHOT]]

Version-Release number of selected component (if applicable):

rhq build#413


How reproducible:

Always

Steps to Reproduce:

1.Login to Jon.
2.Create a group of resources like rhq agent etc.
3.Create a role having only 'Configure-read' permissions and assign the resource group created.
4.Create a new user and assign the role created above.
5.Login to Jon as newly created user.
6.Click on 'Inventory' menu item.
7.Click on 'Resource Inventory->Servers'.
8.Click on the resource (Ex: Rhq Agent)
9.Right click on the resource node in the resource tree.(Ex: Rhq Agent)
10.Verify 'Resource Configuration' menu item in the right click menu
  
Actual results:

The 'Resource Configuration' right click menu option is enabled for a user without configure_read permission.

Expected results:

If user does not have 'Configure-read' permissions for resources, the 'Resource Configuration' menu item should be disabled in the right click menu for the resource.

Additional info:
Comment 1 Jay Shaughnessy 2011-02-14 12:23:14 EST
Fixed.
Comment 2 Sunil Kondkar 2011-04-07 07:45:50 EDT
Verified on build#1129 (Version: 4.0.0-SNAPSHOT Build Number: 5a40add)

The 'Resource Configuration' right click menu item is disabled for a user without 'Configure-read' permissions for resources.

Marking as verified.
Comment 3 Corey Welton 2011-05-23 21:16:49 EDT
Bookkeeping - closing bug - fixed in recent release.
Comment 4 Corey Welton 2011-05-23 21:16:50 EDT
Bookkeeping - closing bug - fixed in recent release.
Comment 5 Corey Welton 2011-05-23 21:16:51 EDT
Bookkeeping - closing bug - fixed in recent release.
Comment 6 Corey Welton 2011-05-23 21:17:11 EDT
Bookkeeping - closing bug - fixed in recent release.

Note You need to log in before you can comment on or make changes to this bug.