Project

General

Profile

Bug #3076

Foreman 1.2.2: Non Admin user fails to override parameters when creating a new hosts.

Added by Peter Gustafsson about 9 years ago. Updated about 9 years ago.

Status:
Closed
Priority:
High
Assignee:
Category:
Users, Roles and Permissions
Target version:
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Hi,

Non Admin user fails to override parameters when creating a new host. In the web UI New Host => parameters it looks ok, i can push the override button and set a new value to the parameter.
But after the machine is provisioned the new value is not set on the host and the YAML file for the host contains the old parameter value.

The user that i tried this with is assigned an role with all permissions granted.

History

#1 Updated by Dominic Cleal about 9 years ago

  • Category set to Users, Roles and Permissions

#2 Updated by Dominic Cleal about 9 years ago

  • Priority changed from Normal to High
  • Target version set to 1.3.0

#3 Updated by Greg Sutcliffe about 9 years ago

I see what's happeneing here...

The issue is at http://projects.theforeman.org/projects/foreman/repository/revisions/develop/annotate/app/models/lookup_value.rb#L65 - under normal circumstances $1 will indeed be part of Host.my_hosts (or it isn't and we should deny the update). However, during host creation, the new Host object hasn't been saved to the DB yet, so this check fails, and we get permission denied on creating the matcher.

The fix is less obvious. This method seems to know nothing about the state of the new Host object (new_record? etc. all apply to the new lookup_value object). I'm not sure how we can check if we're in the process of creating a new Host, and return true if so.

Joseph, any ideas?

#4 Updated by Joseph Magen about 9 years ago

I updated PR https://github.com/theforeman/foreman/pull/903

A new host will not be found in the list of all existing hosts so this will be allow
It will only return false if the host_name exists but it does NOT belong to the user.

Does this make this?

#5 Updated by Joseph Magen about 9 years ago

  • Status changed from New to Ready For Testing

#6 Updated by Anonymous about 9 years ago

  • Assignee set to Joseph Magen

#7 Updated by Dominic Cleal about 9 years ago

  • Related to Tracker #3112: [TRACKER] Issues to be released in 1.3 RC or final added

#8 Updated by Dominic Cleal about 9 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

There's an error in the commit message that I missed, it references #3048 instead of #3076, but this issue has been fixed in develop:

https://github.com/theforeman/foreman/commit/06909647beeae040680d0dd50ee8a8f10bf1b577

#9 Updated by Lukas Zapletal about 9 years ago

  • Related to deleted (Tracker #3112: [TRACKER] Issues to be released in 1.3 RC or final)

Also available in: Atom PDF