Bug #29914

User without view_organization permission cannot switch organization

Added by Tomer Brisker 4 months ago. Updated 2 months ago.

Ready For Testing
Organizations and Locations
Target version:
Bugzilla link:
Fixed in Releases:
Found in Releases:


The top bar menu is only shown if the user has the permission which is incorrect, a user with more than one organization should be able to change their organization even without the permission.
Same is true for locations.
The source of the issue is a check for "show_{taxonomy}_tab" which is used on edit forms and shouldn't be used by the selector.

Related issues

Related to Foreman - Task #23448: react implementation for navigation barClosed


#1 Updated by Tomer Brisker 4 months ago

  • Difficulty set to easy

#2 Updated by Marek Hulán 4 months ago

I don't think we should support such inconsistency, I'd rather grant such permission by assigning user to the organization. Note that we're probably checking view_organizations on many other places (host form selection, multi selects in objects forms, audits list).

The other option, which I like less, is, authz helpers returning true in case user is assigned to a given org.

#3 Updated by Tomer Brisker 4 months ago

The case here is when a user is assigned to two organizations without view_organization, they can't change to a different organization because the dropdown isn't displayed. this is a regression of the nav bar reimplementation in react, previously the navbar did show the option to change locations (e.g.:

#4 Updated by Tomer Brisker 4 months ago

  • Related to Task #23448: react implementation for navigation bar added

#5 Updated by Tomer Brisker 4 months ago

  • Found in Releases 1.20.0 added

#6 Updated by The Foreman Bot 3 months ago

  • Assignee set to Amir Fefer
  • Status changed from New to Ready For Testing
  • Pull request added

Also available in: Atom PDF