Project

General

Profile

Bug #29376

Non-admin user with view_subscriptions perms cannot view subscriptions

Added by Jonathon Turel 7 months ago. Updated 7 months ago.

Status:
Closed
Priority:
Normal
Category:
Subscriptions
Target version:
Difficulty:
Triaged:
Yes
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1805430

Description of problem:

A non-admin user cannot view subscriptions, in the same organization, in the web UI or on the CLI

How reproducible:

Error was found while running test for a role with permission filters and it failed every time.

Steps to Reproduce:
As admin user:
1. create test org "nonadmintest"
2. add manifest to org "nonadmintest"
3. create user "non-admin"
4. create role and assign to user.
5. Add perms to role:
assign_organizations, view_organizations
unattach_subscriptions, attach_subscriptions, view_subscriptions
6. logout and back in as non-admin user and try to view subscriptions.

Actual results:

There are no Subscriptions to display
Import a Manifest to manage your Entitlements.

Expected results:

I expect to see the subscriptions if view_subscriptions permissions assigned,
If they were not, i would expect to see "Permission denied"

Associated revisions

Revision de6fd725 (diff)
Added by Jonathon Turel 7 months ago

Fixes #29376 - Use Authorizable on Pools

History

#1 Updated by Jonathon Turel 7 months ago

  • Target version set to Katello 3.16.0
  • Subject changed from Non-admin user with view_subscriptions perms cannot view subscriptions to Non-admin user with view_subscriptions perms cannot view subscriptions

#2 Updated by The Foreman Bot 7 months ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/Katello/katello/pull/8619 added

#3 Updated by The Foreman Bot 7 months ago

  • Fixed in Releases Katello 3.16.0 added

#4 Updated by Jonathon Turel 7 months ago

  • Status changed from Ready For Testing to Closed

#5 Updated by Samir Jha 7 months ago

  • Triaged changed from No to Yes

Also available in: Atom PDF