Bug 815364 - [ipa webui] DNS permissions not listed and are in lowercase
[ipa webui] DNS permissions not listed and are in lowercase
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: ipa (Show other bugs)
6.2
Unspecified Unspecified
medium Severity unspecified
: rc
: ---
Assigned To: Rob Crittenden
Namita Soman
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-04-23 09:25 EDT by Namita Soman
Modified: 2013-02-21 04:11 EST (History)
4 users (show)

See Also:
Fixed In Version: ipa-3.0.0-1.el6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-02-21 04:11:27 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Namita Soman 2012-04-23 09:25:39 EDT
Description of problem:
ipa permission-find --all dns 
lists 5 permissions - 
add dns entries
read dns entries
remove dns entries
update dns entries
Write DNS Configuration

But in UI, a search for dns lists only:
read dns entries

Also these permissions do not follow the case used for other permissions. For example, it should be Add DNS entries, and so on.

Version-Release number of selected component (if applicable):
ipa-server-2.2.0-10.el6.x86_64

How reproducible:
always

Steps to Reproduce:
1. ipa permission-find --all --raw dns 
2. From UI, search for permissions, using string dns

  
Actual results:
only "read dns entries" is listed

Expected results:
list all 5 permissions that match the string dns

Additional info:
Noticed difference between the permission (read dns entries) that is listed in UI, and the one that is not (say, add dns entries
objectclass: ipapermission
is not included.
Outputs for the 2 permissions below:

  dn: cn=add dns entries,cn=permissions,cn=pbac,dc=testrelm,dc=com
  cn: add dns entries
  member: cn=DNS Administrators,cn=privileges,cn=pbac,dc=testrelm,dc=com
  member: cn=DNS Servers,cn=privileges,cn=pbac,dc=testrelm,dc=com
  aci: (target = "ldap:///idnsname=*,cn=dns,dc=testrelm,dc=com")(version 3.0;acl "permission:add dns entries";allow (add) groupdn = "ldap:///cn=add dns entries,cn=permissions,cn=pbac,dc=testrelm,dc=com";)
  description: Add DNS entries
  memberindirect: cn=dns administrators,cn=privileges,cn=pbac,dc=testrelm,dc=com
  memberindirect: cn=dns servers,cn=privileges,cn=pbac,dc=testrelm,dc=com
  memberindirect: krbprincipalname=dns/rhel63-server.testrelm.com@testrelm.com,cn=services,cn=accounts,dc=testrelm,dc=com
  objectclass: groupofnames
  objectclass: top



  dn: cn=read dns entries,cn=permissions,cn=pbac,dc=testrelm,dc=com
  cn: read dns entries
  member: cn=DNS Administrators,cn=privileges,cn=pbac,dc=testrelm,dc=com
  member: cn=DNS Servers,cn=privileges,cn=pbac,dc=testrelm,dc=com
  member: cn=testprivilegedns,cn=privileges,cn=pbac,dc=testrelm,dc=com
  ipapermissiontype: SYSTEM
  description: Read DNS entries
  memberindirect: cn=dns administrators,cn=privileges,cn=pbac,dc=testrelm,dc=com
  memberindirect: cn=dns servers,cn=privileges,cn=pbac,dc=testrelm,dc=com
  memberindirect: krbprincipalname=dns/rhel63-server.testrelm.com@testrelm.com,cn=services,cn=accounts,dc=testrelm,dc=com
  memberindirect: cn=testroledns,cn=roles,cn=accounts,dc=testrelm,dc=com
  memberindirect: uid=testuserdns,cn=users,cn=accounts,dc=testrelm,dc=com
  objectclass: top
  objectclass: groupofnames
  objectclass: ipapermission
Comment 2 Dmitri Pal 2012-04-23 15:13:08 EDT
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/2672
Comment 3 Dmitri Pal 2012-04-24 11:36:59 EDT
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/2658
Comment 4 Namita Soman 2012-04-27 11:15:36 EDT
To address the part that the permission names should not be all lowercase, bug 815828 was opened.
Comment 5 Martin Kosek 2012-05-15 03:10:04 EDT
I closed ticket 2672 as duplicate. DNS permission mixed case shall be fixed in a scope of Bug 815828. This BZ shall fix just the part with permissions missing in permission-find (ticket 2658).
Comment 6 Martin Kosek 2012-06-01 01:54:58 EDT
Fixed upstream:
master: https://fedorahosted.org/freeipa/changeset/6ff5f28142c46bf5f08fef74c261f75e1baa9f66
Comment 7 Jenny Galipeau 2012-09-25 12:18:15 EDT
automated regression test exists
Comment 11 Varun Mylaraiah 2013-01-18 13:08:12 EST
Verified using ipa-server-3.0.0-22.el6.x86_64

https://wiki.idm.lab.bos.redhat.com/qa/archive/ipa/webui/automation/firefox/test-output-ipa-server-3.0.0-QA/0114_64bit/full%20suite/IPARBACTestSuite/index.html

Starting Test: testPermissionBug815364([add_permission_type_bug815364_search, dns])

Starting Test: testPermissionBug815364([add_permission_type_bug815364_search, dns])

Asserted: Read DNS Entries exists

Asserted: add dns entries exists

Asserted: remove dns entries exists

Asserted: update dns entries exists

Asserted: Write DNS Configuration exists

Test Passed: testPermissionBug815364([add_permission_type_bug815364_search, dns])

Test Passed: testPermissionBug815364([add_permission_type_bug815364_search, dns])
Comment 13 errata-xmlrpc 2013-02-21 04:11:27 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0528.html

Note You need to log in before you can comment on or make changes to this bug.