Bug #10898
Auto-provision a host via Discovery_Manager role rasies undefined method
Description
Description of problem:
Created a user and assigned "discovery Manager" role to it. When login with created user, I can see the discovered host.
But when I selected "auto_provision" from dropdown, I got following error in production.log:
--
2015-03-16 12:37:54 [I] Processing by DiscoveredHostsController#auto_provision as HTML
2015-03-16 12:37:54 [I] Parameters: {"authenticity_token"=>"koGOJke03MsLI8HDVy1arpNmYfRxI1WGctnPfMpsczE=", "id"=>"mac52540032b2de"}
2015-03-16 12:37:54 [W] Operation FAILED: undefined method `transaction' for nil:NilClass
2015-03-16 12:37:54 [I] Rendered common/500.html.erb within layouts/application (5.0ms)
2015-03-16 12:37:54 [I] Rendered layouts/base.html.erb (1.4ms)
2015-03-16 12:37:54 [I] Completed 500 Internal Server Error in 48ms (Views: 8.7ms | ActiveRecord: 8.3ms)
--
Related issues
Associated revisions
Refs #10898 - review auto provisioning and rules permissions (tests)
History
#1
Updated by Lukas Zapletal almost 8 years ago
- Related to Feature #10900: Ship all built-in roles as read-only and provide a way to clone roles added
#2
Updated by Lukas Zapletal almost 8 years ago
Ok this stems from the fact that Discovery Manager is missing some permissions.
WORKAROUND: Delete the role, restart the server, will be recreated with correct perms.
#3
Updated by The Foreman Bot over 7 years ago
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman_discovery/pull/197 added
- Pull request deleted (
)
#4
Updated by Anonymous over 7 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset foreman_discovery|a6826bee71d7818959aca7dbbba035fb94a8c204.
#5
Updated by The Foreman Bot about 7 years ago
- Pull request https://github.com/theforeman/foreman_discovery/pull/203 added
Fixes #10898 - review auto provisioning and rules permissions
This patch fixes auto provisioning permissions and also aligns
action_permission strings with what is expected in security blocks. I
basically reviewed all our permissions and introduced
`submit_discovered_hosts` and `auto_provision_discovered_hosts`. Also,
permission `new_discovery_rules` was renamed to `create_*` because this was
never working (our permission stack expects `create_` prefix by default).
Since existing roles are never changed via the `role` DSL, I am attaching a
migration that adds new permissions (they are all new so we can do this
without security considerations) and deletes the renamed one.
We must add this to release notes for the next release, users need to update
their own roles.
Unit tests will come in a separate commit.