Bug 852508 - User limited by role will receive ResourceTypeNotFound in Dashboard#index when logging in
Status: CLOSED ERRATA
Product: Subscription Asset Manager
Classification: Red Hat
Component: katello
Version: 1.2
Hardware: Unspecified Unspecified
Priority: urgent
Severity: urgent
Target Milestone: rc
Target Release: ---
Assigned To: Jordan OMara
QA Contact: Tazim Kolhar
Keywords: Triaged
Reported: 2012-08-28 14:15 EDT by Eric Sammons
Modified: 2016-04-25 20:54 EDT
Doc Type: Bug Fix
Last Closed: 2013-02-21 14:17:30 EST
Type: Bug

Attachments
Organisations Access (75.47 KB, image/png)
2012-09-18 05:24 EDT, Tazim Kolhar
Organisations Access (55.88 KB, image/png)
2012-10-10 03:06 EDT, Tazim Kolhar
User with read only organisations (72.93 KB, image/png)
2012-10-10 03:11 EDT, Tazim Kolhar

Description Eric Sammons 2012-08-28 14:15:40 EDT
Description of problem:
Having established a role with limited permissions and assigned it to a user, the assigned user will fail to log in, receiving the error ResourceTypeNotFound in Dashboard#index.

Version-Release number of selected component (if applicable):
Headpin Version: 1.1.7-1.git.80.a08b40a.fc16

Steps to Reproduce:
1. Create user, orgaccess
2. Create role, org:Acme_Corporation, Resource:Organizations, Verb: Read Organizations.
3. Assign role to orgaccess
4. Logout
5. Login as user orgaccess
  
Actual results:
 ResourceTypeNotFound in Dashboard#index

Showing /usr/share/katello/app/views/common/_header.haml where line #12 raised:

Invalid resource type 'system_groups'. Resource Types can be one of 'roles, providers, activation_keys, users, all, environments, organizations'

Extracted source (around line #12):

9: 
10: = content_for(:tabs) do
11:   - if not current_user.nil?
12:     = render_menu(1)
13: 
14: = content_for(:widgets) do
15:   = hidden_field_tag 'get_notices_url', nil, 'data-url' => notices_get_new_path

Trace of template inclusion: app/views/layouts/katello.haml

Rails.root: /usr/share/katello
Application Trace | Framework Trace | Full Trace

app/models/resource_type.rb:87:in `check_type'
app/models/resource_type.rb:74:in `check'
app/models/user.rb:173:in `allowed_all_tags?'
app/models/user.rb:213:in `allowed_all_tags?'
app/models/system_group.rb:299:in `items'
app/models/system_group.rb:88
app/models/system.rb:167:in `any_readable?'
lib/navigation/systems.rb:35:in `menu_systems_org_list'
app/helpers/menu.rb:70:in `call'
app/helpers/menu.rb:70:in `prune_menu'
app/helpers/menu.rb:67:in `delete_if'
app/helpers/menu.rb:67:in `prune_menu'
app/helpers/menu.rb:76:in `prune_menu'
app/helpers/menu.rb:67:in `delete_if'
app/helpers/menu.rb:67:in `prune_menu'
app/helpers/menu.rb:30:in `render_menu'
app/views/common/_header.haml:12:in `_app_views_common__header_haml__701824947_70233089719660_1096030'
app/views/common/_header.haml:10:in `_app_views_common__header_haml__701824947_70233089719660_1096030'
app/views/layouts/katello.haml:45:in `_app_views_layouts_katello_haml__1375091108_70233089441020_245950'
app/controllers/application_controller.rb:309:in `render_error'
app/controllers/application_controller.rb:307:in `render_error'
app/controllers/application_controller.rb:53:in `__bind_1346177243_891923'
app/controllers/application_controller.rb:566:in `call'
app/controllers/application_controller.rb:566:in `execute_rescue'
app/controllers/application_controller.rb:53:in `__bind_1346177243_891923'

Expected results:
Dashboard, and limited access as defined by the role.

Additional info:
This simply appears to be a case where :widgets may have system_groups still defined and system_groups are not applicable to Headpin (SAM).
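
The failure mode in the trace above (a menu guard asks the authorization layer about a resource type that is not registered, and the exception aborts the whole page) can be reproduced in a few lines. This is an added example, not Katello's code and not the change in the linked pull request; every class, method and constant name is hypothetical, and the registered type list is copied from the error message in the report.

```ruby
# Added illustration; names are hypothetical, not Katello's code.
class ResourceTypeNotFound < StandardError; end

# Resource types registered in the reduced (Headpin/SAM-style) mode,
# taken from the error message in the report.
REGISTERED_TYPES = %w[roles providers activation_keys users all
                      environments organizations].freeze

# Constructed sample: the limited user holds one permission.
PERMISSIONS = { 'orgaccess' => [['organizations', :read]] }.freeze

def check_type!(type)
  return if REGISTERED_TYPES.include?(type)
  raise ResourceTypeNotFound, "Invalid resource type '#{type}'"
end

# Authorization check that validates the type before looking up grants.
def allowed?(user, type, verb)
  check_type!(type)
  PERMISSIONS.fetch(user, []).include?([type, verb])
end

# Constructed menu: each entry is shown only if its guard returns true.
MENU = [
  { name: 'Organizations', if: ->(u) { allowed?(u, 'organizations', :read) } },
  { name: 'Systems',       if: ->(u) { allowed?(u, 'system_groups', :read) } }
].freeze

# Naive pruning: an unregistered type in any guard aborts the whole page.
def prune_menu_naive(user)
  MENU.select { |item| item[:if].call(user) }.map { |i| i[:name] }
end

# Defensive pruning: an unknown type hides that entry (fail closed) and is
# reported, so the mismatch is visible without breaking login.
def prune_menu_safe(user, warnings = [])
  MENU.select do |item|
    begin
      item[:if].call(user)
    rescue ResourceTypeNotFound => e
      warnings << "#{item[:name]}: #{e.message}"
      false
    end
  end.map { |i| i[:name] }
end
```

The defensive variant denies on the unknown type rather than granting, so a configuration mismatch never widens what a role-limited user can see.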
Comment 1 Tazim Kolhar 2012-09-18 05:24:33 EDT
Created attachment 613921 [details]
Organisations Access

Could not reproduce with the packages :
# rpm -qa | grep katello
katello-cli-common-1.1.8-1.git.2.a0908e7.fc16.noarch
katello-all-1.1.12-1.git.26.d683e16.fc16.noarch
katello-cli-headpin-1.1.1-1.git.59.e8fe8d3.fc16.noarch
katello-glue-candlepin-1.1.12-1.git.26.d683e16.fc16.noarch
katello-glue-pulp-1.1.12-1.git.26.d683e16.fc16.noarch
katello-1.1.12-1.git.26.d683e16.fc16.noarch
katello-certs-tools-1.1.8-1.fc16.noarch
katello-selinux-1.1.1-1.fc16.noarch
katello-glue-foreman-1.1.12-1.git.26.d683e16.fc16.noarch
katello-configure-1.1.9-1.fc16.noarch
katello-common-1.1.12-1.git.26.d683e16.fc16.noarch
katello-candlepin-cert-key-pair-1.0-1.noarch
katello-repos-1.1.2-1.fc16.noarch


Steps used to reproduce:

1. Create user, orgaccess
2. Create role, org:Acme_Corporation, Resource:Organizations, Verb: Read Organizations.
3. Assign role to orgaccess
4. Logout
5. Login as user orgaccess


Actual Results :
Able to login successfully.
ScreenShot attached.


Appears to be fixed
Comment 2 Jordan OMara 2012-09-18 09:26:50 EDT
https://github.com/Katello/katello/pull/636 - pretty confident this fixed this issue
Comment 3 Tazim Kolhar 2012-10-10 03:06:02 EDT
Created attachment 624613 [details]
Organisations Access

VERIFIED with the packages :

# rpm -qa | grep katello
katello-configure-1.1.11-1h.el6_3.noarch
katello-candlepin-cert-key-pair-1.0-1.noarch
katello-certs-tools-1.1.8-1h.el6_3.noarch
katello-glue-candlepin-1.1.14-2h.el6_3.noarch
katello-cli-common-1.1.10-1h.el6_3.noarch
katello-selinux-1.1.2-1h.el6_3.noarch
katello-cli-headpin-0.2.2-1.el6_2.noarch
katello-headpin-1.1.14-2h.el6_3.noarch
katello-common-1.1.14-2h.el6_3.noarch
katello-headpin-all-1.1.14-2h.el6_3.noarch
Comment 4 Tazim Kolhar 2012-10-10 03:11:18 EDT
Created attachment 624615 [details]
User with read only organisations

VERIFIED 

# rpm -qa | grep katello
katello-configure-1.1.11-1h.el6_3.noarch
katello-candlepin-cert-key-pair-1.0-1.noarch
katello-certs-tools-1.1.8-1h.el6_3.noarch
katello-glue-candlepin-1.1.14-2h.el6_3.noarch
katello-cli-common-1.1.10-1h.el6_3.noarch
katello-selinux-1.1.2-1h.el6_3.noarch
katello-cli-headpin-0.2.2-1.el6_2.noarch
katello-headpin-1.1.14-2h.el6_3.noarch
katello-common-1.1.14-2h.el6_3.noarch
katello-headpin-all-1.1.14-2h.el6_3.noarch
Comment 6 errata-xmlrpc 2013-02-21 14:17:30 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0544.html
