Project

General

Profile

Actions

Bug #1632

open

On login with minimal permissions, user is always taken to host page

Added by Adam Kosmin almost 12 years ago. Updated almost 10 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Users, Roles and Permissions
Target version:
-
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

Installed version: debian squeeze package 0.4.2-1

Steps to reproduce:

1. Create a role named 'guest'
2. Uncheck all permissions (uncheck/check all buttons do not work though) but leave only report ACLs enabled
- view_reports
- delete_reports
3. Create a user named 'guest' and assign to 'guest' role
4. Login as guest

This user still has access to 'hosts' and 'more' (although no submenus are available in the 'more' section).

There seems to be a strange relationship between the Anonymous role and other roles though. Disabling the 'hosts' related ACLs in the Anonymous role results in a permissions related error. It appears that the login redirection takes the logged in user straight to the 'hosts' area of the site.

What I'd really love is to be able to get the Anonymous role working so that only reports are available. This way, logins wouldn't be required at all just to view this subset of functionality.

Thanks


Related issues 3 (0 open3 closed)

Related to Foreman - Bug #6361: menu item "Hosts --> All hosts" is visible to normal user from anonymous role by defaultClosedDaniel Lobato Garcia06/24/2014Actions
Related to Foreman - Bug #1214: User might not be able to access root path if he has no permissions to view the dashboardResolved10/09/2011Actions
Has duplicate Foreman - Bug #6926: New user with just anonymous role will get 403 Forbidden upon logon to / (redirected to /hosts)Duplicate08/05/2014Actions
Actions #1

Updated by Dominic Cleal almost 10 years ago

  • Description updated (diff)

I think generally the login page will try and return the user to the original URL they requested, so if they hit / then it should take them to the dashboard (giving all users permission to view_dashboard seems a good idea). If there's no original URL then it defaults to the host list, which they might not have permission to access.

This needs to be more flexible based on the user's assigned permissions.

Actions #2

Updated by Dominic Cleal almost 10 years ago

  • Subject changed from Unable to strip foreman down to nothing but a report viewer to On login with minimal permissions, user is always taken to host page

I think the menu issues have been resolved in recent versions, but the issue with minimum permissions on login being given a denied message (particularly when missing the dashboard permission) is still a problem.

Actions #3

Updated by Dominic Cleal over 9 years ago

  • Has duplicate Bug #6926: New user with just anonymous role will get 403 Forbidden upon logon to / (redirected to /hosts) added
Actions #4

Updated by Dominic Cleal over 9 years ago

  • Related to Bug #6361: menu item "Hosts --> All hosts" is visible to normal user from anonymous role by default added
Actions #5

Updated by Dominic Cleal over 9 years ago

  • Related to Bug #1214: User might not be able to access root path if he has no permissions to view the dashboard added
Actions

Also available in: Atom PDF