Bug #20483

Some core permissions are missing from Manager and Organization admin roles

Added by Marek Hulán 12 months ago. Updated 9 days ago.

Status:Closed
Priority:Normal
Assignee:Marek Hulán
Category:-
Target version:1.15.3
Difficulty: Team Backlog:
Triaged: Fixed in Releases:
Bugzilla link:1477598 Found in Releases:
Pull request:https://github.com/theforeman/foreman/pull/4710

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1477598
Description of problem:

In clean installation, Manager and Organization admin roles do not contain all permissions, e.g.

it contains on view_compute_profiles but not edit/destroy/create permission for this resource

The cause is that hardcoded list in db/seeds.d/02-roles_list.rb is not complete.

Version-Release number of selected component (if applicable):

Satellite 6.3 snap 9 / Foreman nightly (1.16-develop)

How reproducible:

100%

Steps to Reproduce:
1. install Satellite / Foreman
2. navigate to Manager role, see filters
3. try to find edit_compute_profiles

Actual results:

no such permission can be found

Expected results:

every permission should be included in Manager role, Organization admin should contain similar set just without organization management
Additional info:

Associated revisions

Revision 47f0bc24
Added by Marek Hulán 12 months ago

Fixes #20483 - seed all permission for core roles

Revision 3c657d93
Added by Marek Hulán 11 months ago

Fixes #20483 - seed all permission for core roles

(cherry picked from commit 47f0bc240c2b52b3fb644557c7c2124de3c81523)

History

#1 Updated by The Foreman Bot 12 months ago

  • Status changed from New to Ready For Testing
  • Assignee set to Marek Hulán
  • Pull request https://github.com/theforeman/foreman/pull/4710 added

#2 Updated by Marek Hulán 12 months ago

  • Legacy Backlogs Release (now unused) set to 276

I think this is a good candidate for 1.15.3 since we started to lock core roles. There's no way for user to add missing permission to Manager role. Also it seems pretty safe change. Please reset the release field if you disagree.

#3 Updated by Anonymous 11 months ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

Also available in: Atom PDF