Bug #20104

fix_db_cache needs to run with admin permissions

Added by Daniel Lobato Garcia about 1 month ago. Updated about 1 month ago.

Status:Closed
Priority:Normal
Assigned To:Daniel Lobato Garcia
Category:Database
Target version:-
Difficulty: Bugzilla link:1473910
Found in release:1.15.0 Pull request:https://github.com/theforeman/foreman/pull/4622
Story points-
Velocity based estimate-
Release1.15.2Release relationshipAuto

Description

The rake task 'fix_db_cache' triggers CacheManager, and CacheManager tries to find roles, user groups, etc.. without any permissions. This will cause it to fail with an error similar to https://gist.github.com/52da11cb368ec530bcf0247d3ee38855 .

Many of the actions called by CacheManager, like UsergroupMember.save will have to find objects that needs permissions to be viewed, hence CacheManager has to be called "as_admin".

Associated revisions

Revision c1ca2c0d
Added by Daniel Lobato Garcia about 1 month ago

Fixes #20104 - fix_db_cache needs to run as admin

The rake task 'fix_db_cache' triggers CacheManager, and CacheManager
tries to find roles, user groups, etc.. without any permissions. This
will cause it to fail with an error similar to
https://gist.github.com/52da11cb368ec530bcf0247d3ee38855 .

Many of the actions called by CacheManager, like UsergroupMember.save
will have to find objects that needs permissions to be viewed, hence
CacheManager has to be called "as_admin".

Similarly an user may destroy or save a new UsergroupMember. The cache
needs to be updated with information about all user groups in the
system, not only the ones visible to the user making the change.

History

#1 Updated by Daniel Lobato Garcia about 1 month ago

  • Release set to 1.15.2

#2 Updated by The Foreman Bot about 1 month ago

  • Status changed from New to Ready For Testing
  • Assigned To set to Daniel Lobato Garcia
  • Pull request https://github.com/theforeman/foreman/pull/4622 added

#3 Updated by Anonymous about 1 month ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#4 Updated by Marek Hulán about 1 month ago

  • Bugzilla link set to 1473910

Also available in: Atom PDF