Red Hat Bugzilla – Bug 743522
A non-admin user(LDAP user) without alert privileges when clicks on the group alert definition tab displays IllegalArgumentException
Last modified: 2011-10-05 10:23:12 EDT
Description of problem:
Tried to access group alert definition by a non-admin user(LDAP user) without alert privileges. Navigating to the group alert definition tab displays exception in server log and a message 'Failed to fetch alert definition data' in UI.
Please find attached the server log
Version-Release number of selected component (if applicable):
Build#466 (Version: 4.1.0-SNAPSHOT Build Number: 092d688)
Active Directory Server (Windows Server 2003 R2)
Search Base: dc=pnq,dc=redhat,dc=com
Search Filter: objectclass=*
Login Property: cn
Group Search Filter: objectclass=group
Group Member Filter: member
LDAP Username/password: suniltestad/Redhat123 ( Is a member of LDAP group: sunilgroupad )
Steps to Reproduce:
1. Create a LDAP group (Ex: sunilgroupad )
2. Create a LDAP user (suniltestad)
3. Add the LDAP user to the LDAP group
4. Login to rhq as rhqadmin
5. Create a compatible group of resource like RHQ Agent
6. Define an alert for the compatible group (Ex: Operation execution - Execute 7. the operation so that alert get fired)
8. Create a role (Assign the compatible group created and map to an LDAP group( sunilgroupad ) while creating the role)
9. Login to RHQ as LDAP user(suniltestad)
10. Navigate to Inventory->Compatible groups
11. Click on the compatible group name
12. Click on Alerts tab
13. Click on 'Definitions' sub tab
It displays exception in server log and a message 'Failed to fetch alert definition data' in UI.
No exception should be displayed
Created attachment 526453 [details]
This is also reproducible with a non-admin user with alert permissions (Non admin user can be LDAP user or RHQ user with alert permissions.)
1. Login to rhq as rhqadmin.
2. Create a compatible group of resource like RHQ Agent.
3. Define an alert for the compatible group (Ex: Operation execution - Execute
the operation so that alert get fired)
4. Create a RHQ user.
5. Create a role selecting only 'Manage Alerts' read and write permissions for 'Resource Permissions'. Add the compatible group and user created to the role.
6. Login to RHQ as the user.
7. Navigate to Inventory->Compatible groups.
8. Click on the compatible group name.
9. Click on Alerts tab.
10. Click on 'Definitions' sub tab.
goal should be you are not presented with options that you are not able to do. still ... user cannot perform the activity.