Bug 697091 - Query generator grammar error for non-perm user (via resource config update history portlet)
Summary: Query generator grammar error for non-perm user (via resource config update h...
Alias: None
Product: RHQ Project
Classification: Other
Component: Core Server
Version: 4.0.0.Beta2
Hardware: All
OS: All
high vote
Target Milestone: ---
: ---
Assignee: Jay Shaughnessy
QA Contact: Mike Foley
Depends On:
Blocks: rhq4
TreeView+ depends on / blocked
Reported: 2011-04-15 19:28 UTC by Jay Shaughnessy
Modified: 2013-09-02 07:17 UTC (History)
2 users (show)

Fixed In Version: rhq4
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2013-09-02 07:17:39 UTC

Attachments (Terms of Use)

Description Jay Shaughnessy 2011-04-15 19:28:18 UTC
1) Log in as user with no config perms for an accessible resource that does have resource config history.

2) Nav to summary->activity (resource dash) for the resource

3) The resource config update history portlet will generate an excpetion

The exception is server-side, a bad query is generated in the criteria fetch.

Comment 1 Jay Shaughnessy 2011-04-15 19:42:19 UTC
commit 18a3a539ccb069162b0d6d69c9cbf0f055f59205
Author: Jay Shaughnessy <jshaughn@redhat.com>
Date:   Fri Apr 15 15:38:28 2011 -0400

This seemed to be a flat out grammar issue in certain generated queries for non-permissioned users.

Test Notes- test the scenario above as well as many other non-permissioned queries for resources and groups as possible.

Comment 2 Sunil Kondkar 2011-06-09 09:15:57 UTC
Verified on build123 (Version: 4.1.0-SNAPSHOT Build Number: a6d2d56)

Created a user and a resource group. Created a role with no config permissions and assigned the group and the user to the role.
Logged in as the user with no config permissions and navigated to the summary->activity page for the resource. No exception is observed.

Also verified this by navigating to the summary->activity page for the resource group. No exception is observed.

Marking as verified.

Comment 3 Heiko W. Rupp 2013-09-02 07:17:39 UTC
Bulk closing of issues that were VERIFIED, had no target release and where the status changed more than a year ago.

Note You need to log in before you can comment on or make changes to this bug.