Project

General

Profile

Bug #20104

fix_db_cache needs to run with admin permissions

Added by Daniel Lobato Garcia about 2 years ago. Updated about 1 year ago.

Status:
Closed
Priority:
Normal
Category:
Database
Target version:
Difficulty:
Triaged:
Bugzilla link:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

The rake task 'fix_db_cache' triggers CacheManager, and CacheManager tries to find roles, user groups, etc.. without any permissions. This will cause it to fail with an error similar to https://gist.github.com/52da11cb368ec530bcf0247d3ee38855 .

Many of the actions called by CacheManager, like UsergroupMember.save will have to find objects that needs permissions to be viewed, hence CacheManager has to be called "as_admin".

Associated revisions

Revision c1ca2c0d (diff)
Added by Daniel Lobato Garcia about 2 years ago

Fixes #20104 - fix_db_cache needs to run as admin

The rake task 'fix_db_cache' triggers CacheManager, and CacheManager
tries to find roles, user groups, etc.. without any permissions. This
will cause it to fail with an error similar to
https://gist.github.com/52da11cb368ec530bcf0247d3ee38855 .

Many of the actions called by CacheManager, like UsergroupMember.save
will have to find objects that needs permissions to be viewed, hence
CacheManager has to be called "as_admin".

Similarly an user may destroy or save a new UsergroupMember. The cache
needs to be updated with information about all user groups in the
system, not only the ones visible to the user making the change.

Revision f9f40395 (diff)
Added by Daniel Lobato Garcia about 2 years ago

Fixes #20104 - fix_db_cache needs to run as admin

The rake task 'fix_db_cache' triggers CacheManager, and CacheManager
tries to find roles, user groups, etc.. without any permissions. This
will cause it to fail with an error similar to
https://gist.github.com/52da11cb368ec530bcf0247d3ee38855 .

Many of the actions called by CacheManager, like UsergroupMember.save
will have to find objects that needs permissions to be viewed, hence
CacheManager has to be called "as_admin".

Similarly an user may destroy or save a new UsergroupMember. The cache
needs to be updated with information about all user groups in the
system, not only the ones visible to the user making the change.

(cherry picked from commit c1ca2c0d10a411f0074939304030449840ecea7c)

History

#1 Updated by Daniel Lobato Garcia about 2 years ago

  • Legacy Backlogs Release (now unused) set to 266

#2 Updated by The Foreman Bot about 2 years ago

  • Status changed from New to Ready For Testing
  • Assignee set to Daniel Lobato Garcia
  • Pull request https://github.com/theforeman/foreman/pull/4622 added

#3 Updated by Anonymous about 2 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#4 Updated by Marek Hulán about 2 years ago

  • Bugzilla link set to 1473910

Also available in: Atom PDF