Bug #13164

view_params is missing

Added by Ori Rabin over 1 year ago. Updated 10 months ago.

Status:Closed
Priority:Normal
Assigned To:Ori Rabin
Category:Authorization
Target version:-
Difficulty: Bugzilla link:1296662
Found in release: Pull request:https://github.com/theforeman/foreman/pull/3624, https://github.com/theforeman/foreman/pull/3592
Story points-
Velocity based estimate-
Release1.13.0Release relationshipAuto

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1296662
Description of problem:
The view_params permission in the Parameter resource is missing. This prevents us from allowing users to be able to view parameters.

Version-Release number of selected component (if applicable):
6.1.5

How reproducible:
Repeatable:

Actual results:

  1. hammer filter available-permissions --resource-type Parameter
    ---|----------------|----------
    ID | NAME | RESOURCE
    ---|----------------|----------
    67 | create_params | Parameter
    68 | edit_params | Parameter
    69 | destroy_params | Parameter
    ---|----------------|----------

Expected results:

I'd expect to be assign the view_params permission to users (as edit_params is useless without this!).


Related issues

Related to Foreman - Refactor #15496: Simplify all parameter kinds permissions New 06/22/2016
Related to Foreman - Bug #15599: Unattended controller can't access host parameters in kic... Closed 07/07/2016
Related to Foreman Remote Execution - Bug #15605: Tests failing with latest Foreman Closed 07/07/2016
Related to Foreman - Bug #15629: Validation errors for Domain and OS Parameters tab not sh... Closed 07/08/2016
Related to Foreman - Bug #17395: @host.params are not interpreted when was used in ptable ... Closed 11/18/2016

Associated revisions

Revision c7f55be1
Added by Ori Rabin 10 months ago

Fixes #13164 - Add view_params permission

A new view_params permission was added for parameters inheriting from
Parameter object. The only exception is global parameters, which are
already handled by filter for CommonParameter resource.

This new permissions is also automatically added to viewer and site
manager roles, as well as any other roles with any of the existing
Parameters permissions.

With the patch it's now also possible to use granular filters for all
parameters that Foreman supports.

Contributions from:

Revision 94265cf7
Added by Ori Rabin 10 months ago

Refs #13164 - Consistent parameters authorization in api

History

#1 Updated by The Foreman Bot over 1 year ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/3060 added

#2 Updated by Dominic Cleal over 1 year ago

  • Category set to Authorization
  • Status changed from Ready For Testing to Assigned
  • Priority changed from High to Normal

#3 Updated by Dominic Cleal about 1 year ago

Using Foreman 1.10.2-el7, I noticed that non-admins are unable to access parameters within the "Edit Locations" section when adding all parameter permissions from within the UI.
Reviewing the filter permissions for the Parameters category, it appears the "view_params" permission does not show up which is needed for this feature to be shown to non-admins.

I've added the view_params permission into the permissions table then added the view_params permission to the role and everything worked as expected :)
insert into permissions (name,resource_type,created_at,updated_at) values ('view_params','Parameter',NOW(),NOW());

I'm unsure if this permission has been deprecated and needs to be altered within app/views/taxonomies/_form.html.erb or if we need to alter the seeds.d/03-permissions.rb to include the perm.

from foreman-dev. The use of view_params should probably be removed from this one view or implemented everywhere.

#4 Updated by The Foreman Bot about 1 year ago

  • Status changed from Assigned to Ready For Testing

#5 Updated by The Foreman Bot 10 months ago

  • Pull request https://github.com/theforeman/foreman/pull/3592 added

#6 Updated by Marek Hulán 10 months ago

  • Related to Refactor #15496: Simplify all parameter kinds permissions added

#7 Updated by Dominic Cleal 10 months ago

  • Release set to 1.13.0

#8 Updated by Ori Rabin 10 months ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#9 Updated by Tomer Brisker 10 months ago

  • Pull request deleted (https://github.com/theforeman/foreman/pull/3060)

#10 Updated by The Foreman Bot 10 months ago

  • Pull request https://github.com/theforeman/foreman/pull/3624 added

#11 Updated by Dominic Cleal 10 months ago

  • Related to Bug #15599: Unattended controller can't access host parameters in kickstart templates added

#12 Updated by Ivan Necas 10 months ago

  • Related to Bug #15605: Tests failing with latest Foreman added

#13 Updated by Ivan Necas 10 months ago

  • Related to Bug #15629: Validation errors for Domain and OS Parameters tab not showing added

#14 Updated by Dominic Cleal 5 months ago

  • Related to Bug #17395: @host.params are not interpreted when was used in ptable kickstart template. added

Also available in: Atom PDF