Bug #21496
Roles not properly removing permissions
Description
def permission_records(permissions) collection = Permission.where(:name => permissions.flatten).all raise ::Foreman::PermissionMissingException.new(N_('some permissions were not found')) if collection.size != permissions.size collection end
In a call for the permissions_records method, the permissions were of the format ":view_tasks, :view_bookmarks" (https://github.com/theforeman/foreman/blob/develop/db/seeds.d/020-roles_list.rb#L38, https://github.com/theforeman/foreman/blob/develop/lib/seed_helper.rb#L92.)
This parameter caused the following stack trace
Foreman::PermissionMissingException: ERF73-2603 [Foreman::PermissionMissingException]: some permissions were not found /usr/share/foreman/app/models/role.rb:288:in `permission_records' /usr/share/foreman/app/models/role.rb:164:in `find_for_permission_removal' /usr/share/foreman/app/models/role.rb:205:in `remove_permissions!' /usr/share/foreman/lib/seed_helper.rb:80:in `block in update_role_permissions' /usr/share/foreman/app/models/role.rb:228:in `ignore_locking' /usr/share/foreman/lib/seed_helper.rb:72:in `update_role_permissions' /usr/share/foreman/lib/seed_helper.rb:53:in `create_role' /usr/share/foreman/db/seeds.d/03-roles.rb:9:in `block (3 levels) in <top (required)>' /usr/share/foreman/db/seeds.d/03-roles.rb:8:in `each' /usr/share/foreman/db/seeds.d/03-roles.rb:8:in `block (2 levels) in <top (required)>' /opt/theforeman/tfm/root/usr/share/gems/gems/audited-4.4.1/lib/audited/auditor.rb:283:in `without_auditing' /usr/share/foreman/db/seeds.d/03-roles.rb:4:in `block in <top (required)>' /opt/theforeman/tfm/root/usr/share/gems/gems/audited-4.4.1/lib/audited/auditor.rb:283:in `without_auditing' /usr/share/foreman/db/seeds.d/03-roles.rb:3:in `<top (required)>' /opt/rh/rh-ror42/root/usr/share/gems/gems/activesupport-4.2.6/lib/active_suppo
The reason for PermissionMissingException was that "collection.size != permissions.size" while it should technically be "collection.size != permissions.flatten.size"
Related issues
Associated revisions
History
#1
Updated by Partha Aji about 3 years ago
- Bugzilla link set to 1507073
#2
Updated by Partha Aji about 3 years ago
- Target version set to 225
#3
Updated by The Foreman Bot about 3 years ago
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/4957 added
#4
Updated by Marek Hulán about 3 years ago
- Legacy Backlogs Release (now unused) set to 296
#5
Updated by Marek Hulán about 3 years ago
- Related to Bug #21342: Role needs to be updated if their permissions changed in new version added
#6
Updated by Partha Aji about 3 years ago
- % Done changed from 0 to 100
- Status changed from Ready For Testing to Closed
Applied in changeset 6a1f0e1adcea166c15785b05989a97462fb7ec9b.
Fixes #21496 - Properly fetches permission records
The permission records method used to wrongly error out when the
permissions were nested inside an array. Even though the permission list
was returned properly the comparison to raise the PermissionMissing
exception used the wrong logic.