Description of problem: Created a read only user "reader" and assigned "Read everything" role. When I login with reader user, I got +Add option to add package groups to system template. Nothing happens on UI if i click on +Add. However this +Add shouldn't be visible on UI without selecting the system template and with read only user. Version-Release number of selected component (if applicable): How reproducible: always Steps to Reproduce: 1. Login with admin user 2. Create a new user "reader" 3. Assign "Read everything" role to reader 4. Login with reader 5. Go to content management ==> system template 6. select any product from left pane ==> traverse to package groups. Actual results: +Add is there on UI for adding package groups without selecting the template and with read only user. This happens only for package groups Expected results: +Add shouldn't be there is this case as we login with read only user and user has not selected the sys template. Additional info:
Found this with: [root@dhcp201-187 ~]# rpm -qa | grep katello katello-glue-candlepin-0.1.174-2.el6.noarch katello-httpd-ssl-key-pair-1.0-1.noarch katello-certs-tools-1.0.1-2.el6.noarch katello-common-0.1.174-2.el6.noarch katello-cli-0.1.34-2.el6.noarch katello-glue-pulp-0.1.174-2.el6.noarch katello-trusted-ssl-cert-1.0-1.noarch katello-cli-common-0.1.34-2.el6.noarch katello-configure-0.1.52-2.el6.noarch katello-glue-foreman-0.1.174-2.el6.noarch katello-all-0.1.174-2.el6.noarch katello-0.1.174-2.el6.noarch katello-qpid-broker-key-pair-1.0-1.noarch [root@dhcp201-187 ~]#
Created attachment 554991 [details] +Add option on UI for adding package group with read only user and without selecting template
Should be fixed as of http://git.fedorahosted.org/git/?p=katello.git;a=commit;h=b874553e12e016d06a2f494525d1ec751b48a641
verified with katello-0.1.194-1.el6.noarch The reported issue has been fixed. This time "+Add" against package groups with read only user is not visible. Please see the attachment in next comment.
Created attachment 557199 [details] No +Add with read only user