Bug #14535
closed
/api/smart_class_parameters needs administrator permissions
Description
It seems that since Foreman version 1.10 (at least 1.10.3) I need to give a user administrator permissions to access /api/smart_class_parameters
Is this by design?
I also can't seem to limit access to a specific search on "Lookup key" anymore, is this by design?
Updated by Dominic Cleal about 8 years ago
- Category set to Users, Roles and Permissions
- Status changed from New to Need more information
The *_external_variables permissions should give access to this API, please check you've assigned it to the user. If that doesn't work, please attach production.log during the access, with debugging and the permissions logger enabled: http://theforeman.org/manuals/1.10/index.html#7.2Debugging
Updated by Sander Hoentjen about 8 years ago
Dominic Cleal wrote:
The *_external_variables permissions should give access to this API, please check you've assigned it to the user.
Yes, I have assigned those. With 1.9 I used search for that as well, so to be sure I removed and re-added the permissions but without any success.
2016-04-08 11:29:33 [app] [I] Started GET "/api/smart_class_parameters?search=key+%3D+some_key+and+puppetclass+%3D+some%3A%3Aclass" for 10.99.0.232 at 2016-04-08 11:29:33 +0200
2016-04-08 11:29:33 [app] [I] Processing by Api::V2::SmartClassParametersController#index as JSON
2016-04-08 11:29:33 [app] [I] Parameters: {"search"=>"key = some_key and puppetclass = some::class", "apiv"=>"v2", "smart_class_parameter"=>{}}
2016-04-08 11:29:33 [app] [I] Authorized user some_user(Some User)
2016-04-08 11:29:33 [permissions] [D] checking permission view_external_variables
2016-04-08 11:29:33 [permissions] [D]
2016-04-08 11:29:33 [permissions] [D] no filters found for given permission
2016-04-08 11:29:33 [permissions] [D] checking permission view_external_variables
2016-04-08 11:29:33 [permissions] [D]
2016-04-08 11:29:33 [permissions] [D] no filters found for given permission
2016-04-08 11:29:33 [app] [I] Rendered api/v2/smart_class_parameters/index.json.rabl within api/v2/layouts/index_layout (10.4ms)
2016-04-08 11:29:33 [permissions] [D] checking permission view_external_variables
2016-04-08 11:29:33 [permissions] [D]
2016-04-08 11:29:33 [permissions] [D] no filters found for given permission
Updated by Dominic Cleal about 8 years ago
- Related to Refactor #10832: Make LookupKey an STI for puppet and variable keys added
Updated by Dominic Cleal about 8 years ago
- Subject changed from /api/smart_class_parameters needs administrator permissions? to /api/smart_class_parameters needs administrator permissions
- Status changed from Need more information to New
The authorisation step is checking for a resource type that doesn't match what's stored in the seeded permissions, it's looking up: permissions.resource_type = 'PuppetclassLookupKey'. Prior to #10832, the resource type would always be LookupKey, but db/seeds.d/03-permissions.rb isn't updated with the new PuppetLookupKey/VariableLookupKey resource types.
Updated by Dominic Cleal about 8 years ago
- Related to Bug #14546: No ability to restrict *_external_variables with search anymore added
Updated by The Foreman Bot almost 8 years ago
- Status changed from New to Ready For Testing
- Assignee set to Ori Rabin
- Pull request https://github.com/theforeman/foreman/pull/3530 added
Updated by Ori Rabin almost 8 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 3fe2ea3df66bd2e2e35416df090323f0e54a85ef.
Updated by Dominic Cleal almost 8 years ago
- translation missing: en.field_release set to 136
Updated by Tomer Brisker over 7 years ago
- Related to Bug #15321: Cannot save smart parameter bookmarks added