Description of problem: When loggout out of UserPortal with user that have permissions to see (manipulate) VMs (tested on pooled VMs) next user that is logged in can see all the VMs that last user had in UserPortal (can't manipulate them) after refresh rate (5secs in my UP) Vms are not updated but stays visible even that current user doesn't have any user permissions for Vms. However current user cannot run/stop/... Vms that he can see onle see the status that they were left by previouse user. Version-Release number of selected component (if applicable): 3.1.0 si16 How reproducible: always Steps to Reproduce: 1. log to WebAdmin, create pool, assign it to User1 2. log to User Portal with User1, log out 3. log to User Portal with User2 which doesn't have permissions for pooled Vms Actual results: User2 can see Vms even if he doesn't have permissions to.. Expected results: Vms tab for UserPortal should be refreshed on login and refreshed every "refresh-interval" seconds
Hey, There are some things not clear from the description. I'll tell you what I've done, and please correct my steps. I tries two scenarios: First (regular UP): 1. Created a pool and gave user1 permissions on (UserRole). 2. Gave user2 UserRole permissions on other vm/pool , so that he would be able to login to the user portal. 3. Logged in with user1 - saw the VMs in the pool 4. Logged out, and logged in with user2 - didn't see the VMs. Second (extended UP): 1. Created a pool and gave user1 permissions on (PowerUser). 2. Gave user2 PowerUser permissions on vm/pool, so that he would be able to login to the user portal. 3. Logged in with user1 - saw the VMs in the pool 4. Logged out, and logged in with user2 - didn't see the VMs (I tried it several times. The closest thing to what you described was their visibility for split a second). Are my steps above correct? Can you give the exact steps to reproduce (what roles did you give and where?). I also found refresh in the UP working in other scenarios (I logged in to webadmin, removed a user from the permissions tab on a VM, and saw it was removed from the UP view). Thank you, Oved
Can't reproduce. If it reproduces for you in the latest version, then please re-open with all the neccesary information.
Your first scenario seems to be same as mine... i tried it now in si17 and it's still not refreshing on login... however after 10second (my refresh interval) page is refreshed and pooled Vms dissappears and Users Vms appears... adding exact steps: 1. Create pool with 2 Vms 2. add User role to USER1 on pool (not to whole system) 3. add User role to USER2 on some not pooled VM (so he can log to userportal) 4. log to UserPortal with USER1 (he should see pooled VM) 5. log out of UserPortal 6. log to UserPortal with USER2 (he can see pooled VMs of USER1 for first 10 seconds) when USER2 tries to run VM in first 10 seconds error message saying "User is not authorized to perform this action." pops out... Luke
(In reply to comment #3) > Your first scenario seems to be same as mine... i tried it now in si17 and > it's still not refreshing on login... however after 10second (my refresh > interval) page is refreshed and pooled Vms dissappears and Users Vms > appears... adding exact steps: > > 1. Create pool with 2 Vms > 2. add User role to USER1 on pool (not to whole system) > 3. add User role to USER2 on some not pooled VM (so he can log to userportal) > 4. log to UserPortal with USER1 (he should see pooled VM) In this case he should see only the VM Pool, and not all the VMs inside it. Is that what you see? > 5. log out of UserPortal > 6. log to UserPortal with USER2 (he can see pooled VMs of USER1 for first 10 > seconds) > > when USER2 tries to run VM in first 10 seconds error message saying "User is > not authorized to perform this action." pops out... > > Luke I still can't reproduce it. I logged in with USER1, saw the VM pool, I logged out and in with USER2, and I saw the VM he has permissions on (and not the VM pool that USER1 has permissions on). Maybe it is some browser issue? What browser are you using? Can I connect to your environment and check this issue?
(In reply to comment #4) > (In reply to comment #3) > > Your first scenario seems to be same as mine... i tried it now in si17 and > > it's still not refreshing on login... however after 10second (my refresh > > interval) page is refreshed and pooled Vms dissappears and Users Vms > > appears... adding exact steps: > > > > 1. Create pool with 2 Vms > > 2. add User role to USER1 on pool (not to whole system) > > 3. add User role to USER2 on some not pooled VM (so he can log to userportal) > > 4. log to UserPortal with USER1 (he should see pooled VM) > In this case he should see only the VM Pool, and not all the VMs inside it. > Is that what you see? > First user can see all the VMs that he have permissions to... But after relog with different user the VM tab is not refreshed corretly... > > 5. log out of UserPortal > > 6. log to UserPortal with USER2 (he can see pooled VMs of USER1 for first 10 > > seconds) > > > > when USER2 tries to run VM in first 10 seconds error message saying "User is > > not authorized to perform this action." pops out... > > > > Luke > > I still can't reproduce it. > > I logged in with USER1, saw the VM pool, I logged out and in with USER2, and > I saw the VM he has permissions on (and not the VM pool that USER1 has > permissions on). > > Maybe it is some browser issue? What browser are you using? > Can I connect to your environment and check this issue? this issue happend to me on FF15 so the problem might be in new FF version...
on si18.1 in FF15 UP is again not refreshed after 5 seconds (my refresh interval)
I'll test it in your environment. Also CC-ing Daniel and Einav as they might be able to give some info regarding the different behavior between browsers, and how to fix it.
OK. Seems like it isn't browser related, as I'm seeing this behavior in your environment, both when using FF14, and chrome. I'm now trying to somehow reproduce it in my environment, so that I can debug it properly.
Posted fix (in the courtesy of Daniel Erez): http://gerrit.ovirt.org/#/c/8132
There was an issue with the previous patch. New patch was posted and submitted: Commit: a85b37bc45a01874e2b63dcf36e5f0b2cd2eb6b0 http://gerrit.ovirt.org/gitweb?p=ovirt-engine.git;a=commit;h=a85b37bc45a01874e2b63dcf36e5f0b2cd2eb6b0
*** Bug 869316 has been marked as a duplicate of this bug. ***