Project

General

Profile

Bug #10898

Auto-provision a host via Discovery_Manager role rasies undefined method

Added by Lukas Zapletal almost 8 years ago. Updated about 7 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Lukas Zapletal
Category:
Discovery plugin
Difficulty:
Triaged:
No
Bugzilla link:
1202336
Pull request:
https://github.com/theforeman/foreman_discovery/pull/197, https://github.com/theforeman/foreman_discovery/pull/203
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Description of problem:
Created a user and assigned "discovery Manager" role to it. When login with created user, I can see the discovered host.

But when I selected "auto_provision" from dropdown, I got following error in production.log:

--
2015-03-16 12:37:54 [I] Processing by DiscoveredHostsController#auto_provision as HTML
2015-03-16 12:37:54 [I] Parameters: {"authenticity_token"=>"koGOJke03MsLI8HDVy1arpNmYfRxI1WGctnPfMpsczE=", "id"=>"mac52540032b2de"}
2015-03-16 12:37:54 [W] Operation FAILED: undefined method `transaction' for nil:NilClass
2015-03-16 12:37:54 [I] Rendered common/500.html.erb within layouts/application (5.0ms)
2015-03-16 12:37:54 [I] Rendered layouts/base.html.erb (1.4ms)
2015-03-16 12:37:54 [I] Completed 500 Internal Server Error in 48ms (Views: 8.7ms | ActiveRecord: 8.3ms)
--

https://bugzilla.redhat.com/show_bug.cgi?id=1202336

Related issues

Related to Foreman - Feature #10900: Ship all built-in roles as read-only and provide a way to clone rolesNew2015-06-22

Associated revisions

Revision a6826bee (diff)
Added by Lukas Zapletal over 7 years ago

Fixes #10898 - review auto provisioning and rules permissions

This patch fixes auto provisioning permissions and also aligns
action_permission strings with what is expected in security blocks. I
basically reviewed all our permissions and introduced
`submit_discovered_hosts` and `auto_provision_discovered_hosts`. Also,
permission `new_discovery_rules` was renamed to `create_*` because this was
never working (our permission stack expects `create_` prefix by default).

Since existing roles are never changed via the `role` DSL, I am attaching a
migration that adds new permissions (they are all new so we can do this
without security considerations) and deletes the renamed one.

We must add this to release notes for the next release, users need to update
their own roles.

Unit tests will come in a separate commit.

Revision adc23e49 (diff)
Added by Lukas Zapletal about 7 years ago

Refs #10898 - review auto provisioning and rules permissions (tests)

History

#1 Updated by Lukas Zapletal almost 8 years ago

  • Related to Feature #10900: Ship all built-in roles as read-only and provide a way to clone roles added

#2 Updated by Lukas Zapletal almost 8 years ago

Ok this stems from the fact that Discovery Manager is missing some permissions.

WORKAROUND: Delete the role, restart the server, will be recreated with correct perms.

#3 Updated by The Foreman Bot over 7 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman_discovery/pull/197 added
  • Pull request deleted ()

#4 Updated by Anonymous over 7 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#5 Updated by The Foreman Bot about 7 years ago

  • Pull request https://github.com/theforeman/foreman_discovery/pull/203 added

Also available in: Atom PDF