Bug 773580 - For non-admin user submenu for Administer is rendered when clicked on My Accounts.
Status: CLOSED CURRENTRELEASE
Alias: None
Product: CloudForms Cloud Engine
Classification: Retired
Component: aeolus-conductor
Version: 1.0.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
Assignee: Tzu-Mainn Chen
QA Contact: Shveta
Reported: 2012-01-12 10:20 UTC by Aziza Karol
Modified: 2012-08-30 17:14 UTC (History)
Doc Type: Bug Fix
Clone Of:
: 784108 (view as bug list)
Last Closed: 2012-08-30 17:14:05 UTC


Attachments
flash error sample (498.91 KB, image/png), 2012-01-12 18:37 UTC, Tzu-Mainn Chen
wording (183.77 KB, image/png), 2012-01-17 12:21 UTC, Shveta

Description Aziza Karol 2012-01-12 10:20:53 UTC
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
I see that when I log in as a non-admin user and click on Administer, I get "You have insufficient privileges to perform action".
However, when I click on My accounts, the submenu gets rendered for the Administer section.

Expected results:
If the user can view the submenu from My_accounts, then it will be best to render the submenu for the admin section.


Additional info:
aeolus-configure-2.5.0-4.el6.noarch
rubygem-aeolus-cli-0.3.0-3.el6.noarch
aeolus-conductor-doc-0.8.0-5.el6.noarch
aeolus-all-0.8.0-5.el6.noarch
aeolus-conductor-daemons-0.8.0-5.el6.noarch
rubygem-aeolus-image-0.3.0-2.el6.noarch
aeolus-conductor-0.8.0-5.el6.noarch

Comment 1 Jan Provaznik 2012-01-12 10:45:58 UTC
The Administration tab link points to the users index page, and most non-admin users won't have perms to list other users. But some non-admin users can have other "admin" permissions (for example for building images); IOW they have a reason why they should be able to access subtabs in the admin section.

Because subtabs are rendered as part of any page in the admin tab, they are not rendered when the permission error is raised -> a non-admin user can't click through the UI to any admin page if he is trapped by the user perms error.

A solution could be rendering the admin subtabs as part of the layout.

Comment 2 Angus Thomas 2012-01-12 17:10:44 UTC
A couple of actions required.

- Can we restyle the "You have insufficient privileges to perform action." message, perhaps with the flash error tool, so that it is less ugly?

- Change the wording to "You have insufficient privileges to perform the selected action."

- Change the behaviour when a non-admin user clicks on the top-level Administer tab so that it is the same as when a user clicks on "My Account"

Comment 3 Tzu-Mainn Chen 2012-01-12 18:37:44 UTC
Created attachment 552458
flash error sample

sample of flash error

Comment 4 Tzu-Mainn Chen 2012-01-12 18:39:10 UTC
For the first part of the issue (restyling to use the flash error tool): errors are handled with a generic handle_error method that generates an error page. There are some options:

a) have this specific permission error create a flash error
b) have all permission errors create a flash error
c) have all errors create a flash error

Is there a preference?

Additionally, I've attached a screenshot of what the page looks like if we use the flash error and remove the message. The flash error goes above the main body, and the main body is completely blank. Does that look... odd? It might just be me.


Mainn

Comment 5 Tzu-Mainn Chen 2012-01-12 19:36:18 UTC
Submitted patch:

https://fedorahosted.org/pipermail/aeolus-devel/2012-January/008052.html

Comment 6 Tzu-Mainn Chen 2012-01-12 20:52:23 UTC
Pushed commits:

commit 117778436377e4ac6afb6aa98d09f77538d24bd1
BZ 773580 added redirect to account_url if user is not permissioned for admin

commit 42fdc529d310ac5ab10e8ba90832f26a891d22c9
BZ 773580 changed html error message to display flash error

commit 5030645dc6dc4a92d12e9d616838b98ecbdc535b
BZ 773580 replaced permission error message with locale message

commit cea92456b5185685bdaa85e0710d6c278f036a73
BZ 773580 added permission_denied messages
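
A plain-Ruby model of the behaviour discussed in this bug, added here as an illustration and not taken from aeolus-conductor or the commits above: subtabs are computed at layout level from the user's own permissions, each admin page still enforces its permission server-side, and a denial produces the flash message plus a redirect to the account page. All names (`ADMIN_SUBTABS`, `visit_admin`, the permission symbols, the `/account` path) are assumptions.

```ruby
# Added illustration in plain Ruby; not aeolus-conductor code.
# All names below are hypothetical; the sample permissions are constructed.
PERMISSION_DENIED = "You have insufficient privileges to perform the selected action."
ACCOUNT_URL = "/account" # stand-in for the account_url named in the commit message

# Each admin subtab names the permission its page enforces.
ADMIN_SUBTABS = {
  "users"  => :list_users,
  "images" => :build_images,
  "realms" => :manage_realms
}.freeze

User = Struct.new(:login, :permissions) do
  def can?(perm)
    permissions.include?(perm)
  end
end

class PermissionError < StandardError; end

# Layout-level navigation: computed for every response, including denials,
# so the subtabs do not vanish when one page raises PermissionError.
def visible_subtabs(user)
  ADMIN_SUBTABS.select { |_tab, perm| user.can?(perm) }.keys
end

# Server-side enforcement for one admin page; hiding a link is not access control.
def require_permission!(user, tab)
  perm = ADMIN_SUBTABS.fetch(tab) { raise PermissionError, "unknown tab" }
  raise PermissionError, tab unless user.can?(perm)
end

# A click on the top-level Administer tab lands on the users index by default.
def visit_admin(user, tab = "users")
  require_permission!(user, tab)
  { status: 200, body: "admin/#{tab}", flash: nil, subtabs: visible_subtabs(user) }
rescue PermissionError
  # Denied: flash error and redirect, with the permitted subtabs still listed.
  { status: 302, location: ACCOUNT_URL, flash: PERMISSION_DENIED,
    subtabs: visible_subtabs(user) }
end
```

A user holding only `:build_images` is redirected from the users index with the flash message, yet still gets the `images` subtab in the response and can reach that page.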

Comment 7 Steve Linabery 2012-01-16 20:19:19 UTC
aeolus-conductor-0.8.0-7.el6.src.rpm

Comment 8 Shveta 2012-01-17 12:20:23 UTC

Verified

- Wording is changed to "You have insufficient privileges to perform the selected action."

- Behaviour when a non-admin user clicks on the top-level Administer and "My Account" is the same now

=============================================================

rpm -qa|grep aeolus
aeolus-conductor-daemons-0.8.0-7.el6.noarch
rubygem-aeolus-image-0.3.0-2.el6.noarch
aeolus-configure-2.5.0-4.el6.noarch
rubygem-aeolus-cli-0.3.0-3.el6.noarch
aeolus-conductor-0.8.0-7.el6.noarch
aeolus-all-0.8.0-7.el6.noarch
aeolus-conductor-doc-0.8.0-7.el6.noarch

Comment 9 Shveta 2012-01-17 12:21:08 UTC
Created attachment 555746
wording
