Project

General

Profile

Bug #13920

Unable to view config reports in forman 1.11 rc1 as non admin user

Added by Chuck Schweizer over 3 years ago. Updated about 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Authorization
Target version:
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

If a non admin user attempts to view a report in foreman 1.11 rc1 the following error is displayed.

ConfigReport not found Please try to update your request

Related issues

Related to Foreman - Feature #4151: Add STI to reports and allow for registering new report typesClosed2014-01-21
Is duplicate of Foreman - Bug #13545: Editing template throws "undefined method `profile=' for nil:NilClass" errorClosed2016-02-03

History

#1 Updated by Shlomi Zadok over 3 years ago

Does that user have the permission to view config reports?
In the role filter ensure that Resource type -> Config reports, view config reports is enabled for that user role.

#2 Updated by Chuck Schweizer over 3 years ago

Yes I made sure that the user's role had view config reports. Initially the role did not have this permission and the user did not even see the Config reports menu item. After adding the "view config reports" filter the menu appeared but this error is received when attempting to view a report.

This foreman server was upgraded from 1.10.0.

Shlomi Zadok wrote:

Does that user have the permission to view config reports?
In the role filter ensure that Resource type -> Config reports, view config reports is enabled for that user role.

#3 Updated by Dominic Cleal over 3 years ago

  • Category set to Authorization
  • Legacy Backlogs Release (now unused) set to 71

If you could enable permissions and SQL debug logging and upload the log while accessing the page as a non-admin user, that would provide useful data: http://theforeman.org/manuals/1.11/index.html#7.2Debugging

#5 Updated by Chuck Schweizer over 3 years ago

This configuration has no proxy servers. Foreman is just being used as a reporting backend at this time.

#6 Updated by Dominic Cleal over 3 years ago

Could you try running foreman-rake fix_db_cache to rebuild the DB cache of users versus their roles?

Strange that the menu is visible but the page isn't working, but it's possible the former doesn't use the DB cache and that's causing it. The two should obviously be consistent.

Did you provide the view_config_reports permission by adding it to an existing role, adding another role to the user or how exactly?

#7 Updated by Chuck Schweizer over 3 years ago

foreman-rake fix_db_cache did not change anything.

The issue I see is that (permissions.resource_type = 'Report') and it should be (permissions.resource_type = 'ConfigReport')

2016-02-29 14:46:10 [sql] [D]   Filter Load (1.8ms)  SELECT "filters".* FROM "filters" INNER JOIN "filterings" ON "filterings"."filter_id" = "filters"."id" INNER JOIN "permissions" ON "permissions"."id" = "filterings"."permission_id" INNER JOIN "roles" ON "filters"."role_id" = "roles"."id" INNER JOIN "cached_user_roles" ON "roles"."id" = "cached_user_roles"."role_id" WHERE "cached_user_roles"."user_id" = $1 AND (permissions.resource_type = 'Report') AND (permissions.name = 'view_config_reports')  ORDER BY filters.role_id, filters.id  [["user_id", 65]]

#8 Updated by Chuck Schweizer over 3 years ago

Here is the example output by changing Report to ConfigReport

foreman=# SELECT "filters".* FROM "filters" INNER JOIN "filterings" ON "filterings"."filter_id" = "filters"."id" INNER JOIN "permissions" ON "permissions"."id" = "filterings"."permission_id" INNER JOIN "roles" ON "filters"."role_id" = "roles"."id" INNER JOIN "cached_user_roles" ON "roles"."id" = "cached_user_roles"."role_id" WHERE "cached_user_roles"."user_id" = '65' AND (permissions.resource_type = 'Report') AND (permissions.name = 'view_config_reports')  ORDER BY filters.role_id, filters.id ;
 id | search | role_id | created_at | updated_at | taxonomy_search 
----+--------+---------+------------+------------+-----------------
(0 rows)

foreman=# SELECT "filters".* FROM "filters" INNER JOIN "filterings" ON "filterings"."filter_id" = "filters"."id" INNER JOIN "permissions" ON "permissions"."id" = "filterings"."permission_id" INNER JOIN "roles" ON "filters"."role_id" = "roles"."id" INNER JOIN "cached_user_roles" ON "roles"."id" = "cached_user_roles"."role_id" WHERE "cached_user_roles"."user_id" = '65' AND (permissions.resource_type = 'ConfigReport') AND (permissions.name = 'view_config_reports')  ORDER BY filters.role_id, filters.id ;
 id  | search | role_id |        created_at         |        updated_at         | taxonomy_search 
-----+--------+---------+---------------------------+---------------------------+-----------------
 121 |        |      10 | 2016-02-29 14:01:04.56838 | 2016-02-29 14:01:04.56838 | 
(1 row)

#9 Updated by Dominic Cleal over 3 years ago

  • Related to Feature #4151: Add STI to reports and allow for registering new report types added

#10 Updated by Dominic Cleal over 3 years ago

  • Status changed from New to Assigned
  • Assignee set to Dominic Cleal

#11 Updated by Dominic Cleal over 3 years ago

  • Is duplicate of Bug #13545: Editing template throws "undefined method `profile=' for nil:NilClass" error added

#12 Updated by Dominic Cleal over 3 years ago

The fix for #13545 fixes this too, leaving this open for now.

#13 Updated by Chuck Schweizer over 3 years ago

I confirmed this fixes the issue on my foreman server. Thanks,

#14 Updated by Justin Sherrill over 3 years ago

  • Status changed from Assigned to Closed

Also available in: Atom PDF