Bug #5696

Migration of Admin users from 1.4 -> 1.5 results in "Role Name_username" roles that cannot be removed and cleaned up.

Added by Derek Wright over 3 years ago. Updated over 3 years ago.

Status:Closed
Priority:Normal
Assigned To:Marek Hulán
Category:Authorization
Target version:Sprint 24
Difficulty: Bugzilla link:1105570
Found in release:1.5.0 Pull request:
Story points-
Velocity based estimate-
Release1.5.1Release relationshipAuto

Description

Initially produced by exporting prod Foreman 1.4.2 DB into vagrant instance for upgrade testing. After upgrading vagrant instance to 1.5, users marked as Admin had migration roles created but no "Roles" tab under their username to clean up the old roles. Migration may need to skip users marked as "Admin" or, before migration, remove Admin role from users (other than the Foreman default user admin).


Related issues

Duplicated by Foreman - Bug #5695: Administrator checkbox is not visible when editing a user Duplicate 05/13/2014
Duplicated by Foreman - Bug #6259: Administrator user privileges cannot be demoted Duplicate 06/17/2014
Blocks Foreman - Tracker #4552: New permissions/authorization system issues New 03/05/2014

Associated revisions

Revision 78ccb985
Added by Marek Hulán over 3 years ago

Fixes #5696 - Allow taxonomy and roles display

Revision be5fff8c
Added by Marek Hulán over 3 years ago

Fixes #5696 - Allow taxonomy and roles display

(cherry picked from commit 78ccb98504de455dcfa113df52f54f890a511ec4)

History

#1 Updated by Dominic Cleal over 3 years ago

  • Blocks Tracker #4552: New permissions/authorization system issues added

#2 Updated by Dominic Cleal over 3 years ago

  • Category set to DB migrations

#3 Updated by Derek Wright over 3 years ago

Also another note, when setting Admin on an individual user after the Upgrade to 1.5, their roles tab is no longer available. There is no way (that I can see in the UI) to remove admin privs from that user afterwards.

#4 Updated by Marek Hulán over 3 years ago

  • Category changed from DB migrations to Authorization
  • Status changed from New to Assigned
  • Assigned To set to Marek Hulán
  • Target version set to Sprint 23
  • Found in release set to 1.5.0

The problem is that we don't display form in case when we try to edit another admin user or we try to edit our own profile. Which is definitely a bug because there is no way to modify admin's permissions/orgs/locs. It's not related to new permissions, this was added in https://github.com/theforeman/foreman/pull/1191 not sure why yet. Is the correct behaviour to display it to anybody with :edit_users permission on a particular user maybe even if I'm editing myself?

#5 Updated by Marek Hulán over 3 years ago

  • Status changed from Assigned to Ready For Testing

#6 Updated by Dmitri Dolguikh over 3 years ago

  • Target version changed from Sprint 23 to Sprint 24

#7 Updated by Dominic Cleal over 3 years ago

  • Release set to 1.5.1

#8 Updated by Marek Hulán over 3 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#9 Updated by Dominic Cleal over 3 years ago

  • Bugzilla link set to https://bugzilla.redhat.com/show_bug.cgi?id=1105570

#10 Updated by Dominic Cleal over 3 years ago

  • Duplicated by Bug #5695: Administrator checkbox is not visible when editing a user added

#11 Updated by Dominic Cleal over 3 years ago

  • Duplicated by Bug #6259: Administrator user privileges cannot be demoted added

Also available in: Atom PDF