Bug 697854 - Reports->Recent Operations and Recent Alerts: 'Delete' Buttons are disabled for a user with control_write permission
Reports->Recent Operations and Recent Alerts: 'Delete' Buttons are disabled f...
Status: CLOSED WONTFIX
Product: RHQ Project
Classification: Other
Component: Core UI (Show other bugs)
4.0.0
Unspecified Unspecified
medium Severity medium (vote)
: ---
: ---
Assigned To: RHQ Project Maintainer
Corey Welton
:
Depends On:
Blocks: rhq4
  Show dependency treegraph
 
Reported: 2011-04-19 09:03 EDT by Sunil Kondkar
Modified: 2012-06-13 14:26 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-04-19 12:17:31 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Sunil Kondkar 2011-04-19 09:03:36 EDT
Description of problem:

Buttons 'Delete' and 'Force Delete' are disabled for a user having control_write permission for a resource in Reports->Recent Operations page.


Version-Release number of selected component (if applicable):

build#1144 (Version: 4.0.0-SNAPSHOT Build Number: 50f58a4)

How reproducible:

Always

Steps to Reproduce:

1. Login to RHQ as rhqadmin.

2. Create a user and a compatible group of resorces (Ex: Apache).

3. Create a role with only control_write resource permissions.

4. Assign the resource group and the user created to the role.

5. Logout and login as the user created above( with only control_write resource permissions)

6. Navigate to Reports->Recent Operations.

7. Select a row and observe that the 'Delete' and 'Force Delete' buttons are disabled.

  
Actual results:

The Delete button is disabled for a user having control write permission.

Expected results:

The 'Delete' button should be enabled after selecting a operation history and user should be able to delete resource operation history in reports.

Additional info:

When the same user (with only control_write resource permissions) navigates to the 'operations->History' tab of the resource, the buttons 'Delete' and 'Force Delete' are enabled and user can delete the operations history.
Comment 1 Jay Shaughnessy 2011-04-19 12:17:31 EDT
The subsystem views are cross-inventory views and currently often require a global priv (manage_inventory) to enable buttons that perform "write" operations.  The alternative is a costly button enable check that requires resource level perm checking each time the selection changes.  We've opted not to do that in these views at this time.

This could be re-opened as an RFE based on customer demand.

Note You need to log in before you can comment on or make changes to this bug.