Bug #5664
closedUsers permissions on hosts are not working properly with organizations
Description
Hi ,
After an upgrade from 1.4.1 to 1.5 , users are unable to perform their old tasks (build ,run puppet , edit hosts etc) .
After taking a closer look at the user permissions , I've noticed that old user roles were renamed to "Anonymous_<username>_<oldrole> " .
I really have to sort it out quickly since users can't work .
I tried removing the new roles and adding back the old ones but it didn't fix everything ,now those "manually edited" users appear in red under:
organizations --> QE-Test->users
and cannot be associated with the org (qe-test).
Thanks !
Updated by Dominic Cleal over 10 years ago
- Tracker changed from Feature to Bug
- Target version set to 1.8.3
Were any permissions assigned to the new roles? What permissions were assigned to users in 1.4?
Updated by Dominic Cleal over 10 years ago
- Category changed from Authentication to Users, Roles and Permissions
Updated by Marek Hulán over 10 years ago
- Status changed from New to Assigned
- Assignee set to Marek Hulán
Updated by Marek Hulán over 10 years ago
The migration assigned all filters to user's organizations, however Host filters do not support organizations (they do not include Taxonomix) and hosts can be assigned only to one organization. The code that searches filters raised an exception which is ignored silently and the result of searching was an empty set.
To remove host filter taxonomy associations you can run these two commands in rails console. The second one should print true. Don't forget to backup your database before running it. This will remove any organization assignment of host filters. It may not be your desired setup so be careful.
filters = Filter.all.select { |filter| filter.resource_type == 'Host'&& !filter.taxonomy_search.nil? }
filters.map { |filter| filter.update_attribute :taxonomy_search, nil }
I'll work on fixing taxonomy filters for hosts and disallowing it for resources that do not support them. Also I'll try to find the silent exception swallowing and remove it.
Updated by Dominic Cleal over 10 years ago
- Translation missing: en.field_release set to 16
Updated by Dominic Cleal over 10 years ago
- Blocks Tracker #4552: New permissions/authorization system issues added
Updated by Marek Hulán over 10 years ago
- Subject changed from Users permissions in 1.5 are not working properly to Users permissions on hosts are not working properly with organizations
- Status changed from Assigned to Ready For Testing
Migration works correctly. I fixed the scopes on Host object, since it does not include Taxonomix (because host belongs to one taxonomy) we have to define scope manually.
Updated by Marek Hulán over 10 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 82b4749eeddabc542ebf1eaec6fdf2d76d2fdd75.
Updated by Dominic Cleal over 10 years ago
- Related to Bug #5879: undefined local variable or method `scoped_search_definition' setting when setting permission filters added
Updated by Dominic Cleal over 10 years ago
- Related to Bug #5541: Filter of resource type Organization can result in error condition when trying to access organization resources added
Updated by Bryan Kearney over 10 years ago
- Bugzilla link set to https://bugzilla.redhat.com/show_bug.cgi?id=1107702