Bug #17757

Standard user is unable to access "Red Hat Subscriptions" page

Added by Walden Raines over 2 years ago. Updated 10 months ago.

Status: Closed
Priority: Normal
Assignee:
Category: Subscriptions
Target version:
Difficulty:
Triaged: Yes
Bugzilla link:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1399725
Description of problem:
Standard user is unable to access Content --> "Red Hat Subscriptions" page even after assigning Viewer role.

Version-Release number of selected component (if applicable):
6.2.1, 6.2.3, 6.2.4 (6.2.x)

How reproducible:
Always

Steps to Reproduce:
1. Create a test user. Fill all details (password, assign organisation on default login, etc.)
2. From Roles select Viewer and submit
3. Log in with that user and access the "Red Hat Subscriptions" page

Actual results:
Will get error on screen -- "We're sorry, but something went wrong."

Expected results:

User should be able to see subscription page

Additional info:

PFA : screenshot of the error on webUI

And below is the log output of foreman-tail:

> /var/log/foreman/production.log <
2016-11-30 02:31:07 [app] [I] Processing by Katello::ApplicationController#permission_denied as HTML
2016-11-30 02:31:12 [app] [I] Rendered /opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.0.0.81/app/views/katello/api/v2/subscriptions/manifest_history.json.rabl within katello/api/v2/layouts/collection (9.9ms)
2016-11-30 02:31:12 [app] [I] Completed 200 OK in 5244ms (Views: 89.9ms | ActiveRecord: 25.8ms)
> /var/log/httpd/foreman-ssl_access_ssl.log <
10.76.1.98 - - [30/Nov/2016:02:31:06 +0530] "GET /katello/api/v2/organizations/1/subscriptions/manifest_history? HTTP/1.1" 200 147 "https://10.65.10.138/subscriptions/manifest/import" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36"
> /var/log/foreman/production.log <
2016-11-30 02:31:13 [app] [I] Completed 500 Internal Server Error in 6028ms
2016-11-30 02:31:14 [app] [F]
 | ActionView::MissingTemplate (Missing template katello/common/403 with {:locale=>[:en], :formats=>[:html], :variants=>[], :handlers=>[:erb, :builder, :raw, :ruby, :rabl]}. Searched in:
 | * "/usr/share/foreman/app/views"
 | * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-0.5.3.18/app/views"
 | * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_theme_satellite-0.1.31/app/views"
 | * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_remote_execution-0.3.0.12/app/views"
 | * "/opt/theforeman/tfm/root/usr/share/gems/gems/redhat_access-1.0.13/app/views"
 | * "/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.0.0.81/app/views"
 | * "/opt/theforeman/tfm/root/usr/share/gems/gems/bastion-3.2.0.10/app/views"
 | * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman-tasks-0.7.14.9/app/views"
 | * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_discovery-5.0.0.9/app/views"
 | * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_docker-2.0.1.11/app/views"
 | * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_bootdisk-6.1.0.3/app/views"
 | * "/opt/theforeman/tfm/root/usr/share/gems/gems/apipie-rails-0.3.6/app/views"
 | ):
 | katello (3.0.0.81) app/controllers/katello/application_controller.rb:290:in `block (2 levels) in render_403'
 | katello (3.0.0.81) app/controllers/katello/application_controller.rb:289:in `render_403'
 | app/controllers/application_controller.rb:61:in `deny_access'
 | app/controllers/application_controller.rb:53:in `authorize'
 | lib/middleware/catch_json_parse_errors.rb:9:in `call'
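
The failure signature in the log above, an access denial that ends in a 500 because the 403 template cannot be found, can be searched for in production.log. This is an added example, not part of the original report or of Katello's code; `masked_denials`, the 30-second correlation window and the sample log are assumptions constructed from the excerpt above.

```ruby
require "time"

# Constructed sample in the production.log format quoted in the report; the
# last two lines are a denial that rendered correctly, for contrast.
SAMPLE_LOG = <<~'LOG'
  2016-11-30 02:31:07 [app] [I] Processing by Katello::ApplicationController#permission_denied as HTML
  2016-11-30 02:31:12 [app] [I] Completed 200 OK in 5244ms (Views: 89.9ms | ActiveRecord: 25.8ms)
  2016-11-30 02:31:13 [app] [I] Completed 500 Internal Server Error in 6028ms
  2016-11-30 02:31:14 [app] [F]
   | ActionView::MissingTemplate (Missing template katello/common/403 with {:locale=>[:en]}
  2016-11-30 02:40:00 [app] [I] Processing by Katello::ApplicationController#permission_denied as HTML
  2016-11-30 02:40:01 [app] [I] Completed 403 Forbidden in 12ms
LOG

LINE_RE = /\A(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) \[app\] \[(\w)\]\s*(.*)\z/
WINDOW = 30 # seconds; assumed correlation window, the log has no request id

# Returns one hash per permission denial that ended in a 5xx plus a missing
# 403 template, i.e. an authorization failure surfaced as a server error.
def masked_denials(log, window: WINDOW)
  pending = at = level = nil
  findings = []
  log.each_line(chomp: true) do |line|
    if (m = LINE_RE.match(line))
      at, level, msg = Time.strptime(m[1], "%Y-%m-%d %H:%M:%S"), m[2], m[3]
    elsif at && line.match?(/\A\s*\|/) # continuation of a multi-line entry
      msg = line
    else
      next
    end
    pending = nil if pending && at - pending[:denied_at] > window
    case msg
    when /\AProcessing by \S+#permission_denied\b/
      pending = { denied_at: at, status: nil, missing_template: nil }
    when /\ACompleted (\d{3}) /
      status = Regexp.last_match(1).to_i
      pending[:status] = status if pending && status >= 500
      pending = nil if pending && status == 403 # denial rendered correctly
    when /Missing template (\S+\/403)\b/
      pending[:missing_template] = Regexp.last_match(1) if pending && level == "F"
    end
    next unless pending && pending[:status] && pending[:missing_template]
    findings << pending
    pending = nil
  end
  findings
end
```

Because requests interleave in this log, a hit is a lead to confirm against the access log, not proof that the three lines belong to one request.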

Associated revisions

Revision 69175798 (diff)
Added by David Davis about 2 years ago

Fixes #17757 - Check perm before redirecting to manifest page

History

#1 Updated by Walden Raines about 2 years ago

  • Assignee set to Eric Helms

#2 Updated by David Davis about 2 years ago

  • Related to Bug #15943: Katello does not render 403 page properly, resulting in error added

#3 Updated by David Davis about 2 years ago

Note that in order to reproduce this, you must NOT have a manifest imported. The error occurs because the readonly user is redirected to edit manifests if there are no subscriptions. And of course they don't have edit permissions.

#4 Updated by David Davis about 2 years ago

  • Related to deleted (Bug #15943: Katello does not render 403 page properly, resulting in error)

#5 Updated by David Davis about 2 years ago

  • Project changed from Bastion to Katello
  • Status changed from New to Assigned
  • Assignee changed from Eric Helms to David Davis

#6 Updated by The Foreman Bot about 2 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/Katello/katello/pull/6658 added

#7 Updated by David Davis about 2 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#8 Updated by Justin Sherrill about 2 years ago

  • Category set to Subscriptions
  • Legacy Backlogs Release (now unused) set to 211
