Bug 788048 - User able to view applications even if all the roles of the user is revoked.
Summary: User able to view applications even if all the roles of the user is revoked.
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: CloudForms Cloud Engine
Classification: Retired
Component: aeolus-conductor
Version: 1.0.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: beta6
Assignee: Imre Farkas
QA Contact: wes hayutin
URL:
Whiteboard:
Duplicates: 794740 798116
Depends On:
Blocks:
Reported: 2012-02-07 10:47 UTC by Aziza Karol
Modified: 2012-05-15 22:26 UTC

Fixed In Version: v0.8.0-40
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-05-15 22:26:15 UTC


Attachments
depl (231.99 KB, image/png), 2012-02-07 10:48 UTC, Aziza Karol
catalog details (258.82 KB, image/png), 2012-02-07 10:48 UTC, Aziza Karol
catalog details (248.96 KB, image/png), 2012-02-28 11:30 UTC, Aziza Karol
no catalog details (237.30 KB, image/png), 2012-03-05 06:38 UTC, Aziza Karol


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2012:0583 0 normal SHIPPED_LIVE new packages: aeolus-conductor 2012-05-15 22:31:59 UTC

Description Aziza Karol 2012-02-07 10:47:08 UTC
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
Browser1:
Log in as admin and I launched vsphere and rhevm applications.
Create a user dev and revoke all the default roles assigned to it.

Browser2:
Log in as dev.
Navigate to filter view --> no applications or instance details are listed.
But now if you click on the default zone link and wait for a few seconds, pretty view displays the application details.
See attached screenshots.

The point is, if we are not displaying the details in filter view, then we should not display them in pretty view either.

  

Additional info:
rpm -qa | grep aeolus
rubygem-aeolus-image-0.3.0-7.el6.noarch
aeolus-conductor-daemons-0.8.0-20.el6.noarch
aeolus-configure-2.5.0-11.el6.noarch
aeolus-conductor-doc-0.8.0-20.el6.noarch
aeolus-all-0.8.0-20.el6.noarch
rubygem-aeolus-cli-0.3.0-7.el6.noarch
aeolus-conductor-0.8.0-20.el6.noarch

Comment 1 Aziza Karol 2012-02-07 10:48:09 UTC
Created attachment 559912 [details]
depl

Comment 2 Aziza Karol 2012-02-07 10:48:37 UTC
Created attachment 559913 [details]
catalog details

Comment 3 Angus Thomas 2012-02-22 18:53:52 UTC
Imre 

This looks like we're missing a permissions check on the pretty view update. Can you please check?


Angus
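
The class of flaw suggested in Comment 3, as an added illustration (not aeolus-conductor code and not written by anyone on this bug; every class, method and constant name is hypothetical): the first render filters by permission while the update path loads by pool only, and the corrected form sends both through one permission-scoped query.

```ruby
# Constructed model, not aeolus-conductor code: all names are hypothetical.
require 'set'

Deployment = Struct.new(:name, :pool)

User = Struct.new(:login, :roles) do
  # roles is a Set of [pool, privilege] pairs granted to the user.
  def can?(privilege, pool)
    roles.include?([pool, privilege])
  end
end

# Constructed sample data mirroring the reproduction steps.
DEPLOYMENTS = [
  Deployment.new('vsphere-app', 'Default'),
  Deployment.new('rhevm-app', 'Default')
].freeze
ADMIN = User.new('admin', Set[['Default', :view]])
DEV   = User.new('dev', Set.new) # every role revoked

# The one place where the permission filter lives.
def visible_deployments(user, pool)
  DEPLOYMENTS.select { |d| d.pool == pool && user.can?(:view, d.pool) }
end

# Filter view: permission-scoped, so a user with no roles sees nothing.
def filter_view(user, pool)
  visible_deployments(user, pool).map(&:name)
end

# Pretty view update, flawed: selects by pool and never consults the user.
def pretty_view_update_unchecked(_user, pool)
  DEPLOYMENTS.select { |d| d.pool == pool }.map(&:name)
end

# Pretty view update, corrected: reuses the same scoped query as filter view.
def pretty_view_update(user, pool)
  visible_deployments(user, pool).map(&:name)
end

puts "filter view (dev):           #{filter_view(DEV, 'Default').inspect}"
puts "pretty update, unchecked:    #{pretty_view_update_unchecked(DEV, 'Default').inspect}"
puts "pretty update, checked:      #{pretty_view_update(DEV, 'Default').inspect}"
puts "pretty update, checked (admin): #{pretty_view_update(ADMIN, 'Default').inspect}"
```

A regression test for this kind of bug compares every rendering path for the same user and resource, asserting that a user with no roles gets an empty result from each.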

Comment 4 Imre Farkas 2012-02-23 12:32:56 UTC
Patch has been posted: https://fedorahosted.org/pipermail/aeolus-devel/2012-February/009120.html

Comment 5 Imre Farkas 2012-02-23 15:04:42 UTC
This issue has been fixed. Please verify the commits ff1fe6c405d92c56dc591858c1d94d23aff417f5 and e322043cc11d243d7bef5c93bbc06d1ea5955e79

Comment 6 Hugh Brock 2012-02-23 15:08:12 UTC
*** Bug 794740 has been marked as a duplicate of this bug. ***

Comment 7 Aziza Karol 2012-02-28 11:27:51 UTC
Application details are not displayed now, but catalog image details are still getting displayed. See attached screenshot.

#rpm -qa | grep aeolus
aeolus-conductor-0.8.0-37.el6.noarch
rubygem-aeolus-cli-0.3.0-11.el6.noarch
aeolus-all-0.8.0-37.el6.noarch
rubygem-aeolus-image-0.3.0-10.el6.noarch
aeolus-conductor-daemons-0.8.0-37.el6.noarch
aeolus-conductor-doc-0.8.0-37.el6.noarch
aeolus-configure-2.5.0-15.el6.noarch

Comment 8 Aziza Karol 2012-02-28 11:30:37 UTC
Created attachment 566292 [details]
catalog details

Comment 9 Jozef Zigmund 2012-02-28 16:48:11 UTC
*** Bug 798116 has been marked as a duplicate of this bug. ***

Comment 10 Imre Farkas 2012-02-29 09:24:57 UTC
Patch has been posted: https://fedorahosted.org/pipermail/aeolus-devel/2012-February/009257.html

Comment 11 Scott Seago 2012-02-29 17:01:20 UTC
See comments on patch on-list. Note that when testing, though, once the fix for 788148 is pushed, most users will see the catalogs list anyway since the 'Pool/Zone User' will include permission to see the catalogs/deployables.

Comment 12 Imre Farkas 2012-03-02 09:33:22 UTC
This issue has been fixed. Please verify the commit d92e4be5a9be70c02f471113e03f1c4054d1cd0f

Comment 13 Aziza Karol 2012-03-05 06:37:58 UTC
Catalog image details are not getting displayed. See attached screenshot.

verified:
rpm -qa | grep aeolus
aeolus-configure-2.5.0-17.el6.noarch
aeolus-conductor-0.8.0-40.el6.noarch
aeolus-conductor-doc-0.8.0-40.el6.noarch
aeolus-all-0.8.0-40.el6.noarch
rubygem-aeolus-cli-0.3.0-12.el6.noarch
aeolus-conductor-daemons-0.8.0-40.el6.noarch
rubygem-aeolus-image-0.3.0-12.el6.noarch

Comment 14 Aziza Karol 2012-03-05 06:38:48 UTC
Created attachment 567485 [details]
no catalog details

Comment 15 errata-xmlrpc 2012-05-15 22:26:15 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHEA-2012-0583.html
