Project

General

Profile

Actions

Bug #10634

closed

API user can't edit templates without admin rights

Added by Alex Fisher over 9 years ago. Updated over 8 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
API
Target version:
-
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

Hello

I have a service-account user (jenkins) assigned an 'Edit Templates' role.
The role has the following permissions. view_templates, create_templates, edit_templates, deploy_templates, lock_templates.

Until a recent upgrade to foreman 1.8 (from 1.6), the user (via a jenkins job and some ruby) was successfully using the API to upload templates from a git repository.
This now no longer works unless the user is also made an 'admin'. Without this setting, the API returns a 404 error.

Unlocking template: 49{:config_template=>{:locked=>false}}
rake aborted!
RestClient::ResourceNotFound: 404 Resource Not Found

The problem still exists in 1.8.1 and was not fixed by http://projects.theforeman.org/issues/9687

Many Thanks,
Alex


Related issues 1 (0 open1 closed)

Related to Foreman - Bug #9687: Provisioning Template Roles: view_template, edit_template doesn't render on 1.7.3 for non-adminClosedMarek Hulán03/09/2015Actions
Actions #1

Updated by Dominic Cleal over 9 years ago

  • Related to Bug #9687: Provisioning Template Roles: view_template, edit_template doesn't render on 1.7.3 for non-admin added
Actions #2

Updated by Dominic Cleal over 9 years ago

  • Category set to API

I suspect that "controller_permission" needs to be in the API controllers and not just the UI controllers. #9687 fixed the API base controller to obey it, but it isn't present.

Actions #3

Updated by Dominic Cleal over 8 years ago

  • Status changed from New to Resolved

This was fixed in 1.9 due to a renaming of templates internally (#7096). There's a new issue in 1.10 or higher though, being fixed under #14000.

Actions

Also available in: Atom PDF