Bug 963204 - 'Cannot obtain the current system settings' after user with NO roles login
'Cannot obtain the current system settings' after user with NO roles login
Status: NEW
Product: RHQ Project
Classification: Other
Component: Core Server, Core UI (Show other bugs)
4.8
Unspecified Unspecified
unspecified Severity high (vote)
: ---
: ---
Assigned To: RHQ Project Maintainer
Mike Foley
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-05-15 07:35 EDT by Libor Zoubek
Modified: 2015-11-01 19:45 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Libor Zoubek 2013-05-15 07:35:13 EDT
Description of problem:

I am getting error in UI when I log in as an user without any permissions/roles.

Version-Release number of selected component (if applicable):
Version: 4.8.0-SNAPSHOT
Build Number: 6079e06

How reproducible: always


Steps to Reproduce:
1. create a user without any role
2. login as new user
  
Actual results: UI Shows this errror:


Severity :	
Error

Time :	
Wednesday, May 15, 2013 1:23:19 PM UTC+2
Root Cause :	
[1368616999533] org.rhq.enterprise.server.authz.PermissionException:Subject [lzoubek] is not authorized for [MANAGE_SETTINGS]: invocation: method=public org.rhq.core.domain.common.composite.SystemSettings org.rhq.enterprise.server.system.SystemManagerBean.getSystemSettings(org.rhq.core.domain.auth.Subject),context-data={}

Expected results: No error, dashboard page should NOT require user to have MANAGE_SETTINGS permission

Additional info: I am logging into main (Dashboard) page
Comment 1 Libor Zoubek 2013-06-06 07:45:39 EDT
I am exepriencing similar MANAGE_SETTINGS requirement when I request server status via REST  as user without any roles.

Note You need to log in before you can comment on or make changes to this bug.