view_params is missing
|Assigned To:||Ori Rabin|
|Found in release:||Pull request:||https://github.com/theforeman/foreman/pull/3624, https://github.com/theforeman/foreman/pull/3592|
|Velocity based estimate||-|
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1296662
Description of problem:
The view_params permission in the Parameter resource is missing. This prevents us from allowing users to be able to view parameters.
Version-Release number of selected component (if applicable):
- hammer filter available-permissions --resource-type Parameter
ID | NAME | RESOURCE
67 | create_params | Parameter
68 | edit_params | Parameter
69 | destroy_params | Parameter
I'd expect to be assign the view_params permission to users (as edit_params is useless without this!).
Fixes #13164 - Add view_params permission
A new view_params permission was added for parameters inheriting from
Parameter object. The only exception is global parameters, which are
already handled by filter for CommonParameter resource.
This new permissions is also automatically added to viewer and site
manager roles, as well as any other roles with any of the existing
With the patch it's now also possible to use granular filters for all
parameters that Foreman supports.
#3 Updated by Dominic Cleal 10 months ago
Using Foreman 1.10.2-el7, I noticed that non-admins are unable to access parameters within the "Edit Locations" section when adding all parameter permissions from within the UI. Reviewing the filter permissions for the Parameters category, it appears the "view_params" permission does not show up which is needed for this feature to be shown to non-admins. I've added the view_params permission into the permissions table then added the view_params permission to the role and everything worked as expected :) insert into permissions (name,resource_type,created_at,updated_at) values ('view_params','Parameter',NOW(),NOW()); I'm unsure if this permission has been deprecated and needs to be altered within app/views/taxonomies/_form.html.erb or if we need to alter the seeds.d/03-permissions.rb to include the perm.
from foreman-dev. The use of view_params should probably be removed from this one view or implemented everywhere.