Project

General

Profile

Actions

Bug #14505

closed

Foreman smart proxy puppetca certificates not shown

Added by Robert Heinzmann almost 8 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Users, Roles and Permissions
Target version:
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

I have a user with the following permissions:

shell# hammer --output json user info --login XXXX
{
  "Id": XXXX,
  "Login": "XXXXX",
  "Name": "XXXXXXXXXXXXXXXX",
  "Email": "XXXXXXXXXXXXXXXXX",
  "Admin": false,
  "Authorized by": {
    "id": 1,
    "type": "AuthSourceInternal",
    "name": "Internal" 
  },
  "Locale": "XX",
  "Timezone": "XX",
  "Last login": "XXXXXXXXXXXXX",
  "Default organization": null,
  "Default location": null,
  "Roles": [
    {
      "name": "AccountAdministrator",
      "id": 9
    },
    {
      "name": "Anonymous",
      "id": 8
    }
  ],
  "User groups": [

  ],
  "Created at": "XXXX",
  "Updated at": "XXXX" 
}

shell# hammer --output json filter list --search "--role=AccountAdministrator" 

  {
    "Id": XXXX,
    "Resource type": "SmartProxy",
    "Search": "none",
    "Unlimited?": true,
    "Role": {
      "name": "AccountAdministrator",
      "id": XXXX
    },
    "Permissions": [
      "view_smart_proxies",
      "view_smart_proxies_autosign",
      "view_smart_proxies_puppetca",
      "edit_smart_proxies_puppetca",
      "destroy_smart_proxies_puppetca" 
    ]
  },

However on centos7 + foreman-1.11.0-1.el7.noarch I can not see the certificates (See Screeshot)

If I grant "Manager" permissions to the user, it still does not work.


Files

Actions #1

Updated by Dominic Cleal almost 8 years ago

  • Description updated (diff)
  • Category set to PuppetCA
  • translation missing: en.field_release set to 141

Authorisation related issue, as admin privileges work.

Actions #2

Updated by Robert Heinzmann almost 8 years ago

One note: If I set user "admin", everything works as expected.

Actions #3

Updated by Tomer Brisker almost 8 years ago

  • Category changed from PuppetCA to Users, Roles and Permissions
  • Status changed from New to Assigned
  • Assignee set to Tomer Brisker

A quick investigation leads me to believe many of the permissions for smart proxies are broken. Changing to authorization.

Actions #4

Updated by The Foreman Bot almost 8 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/3397 added
Actions #5

Updated by Tomer Brisker almost 8 years ago

  • Bugzilla link set to 1324516
Actions #6

Updated by Anonymous almost 8 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions #7

Updated by Robert Heinzmann almost 8 years ago

I tested the patch on our installation, and now everything works ok. I can see the Tabs.

Actions

Also available in: Atom PDF