Project

General

Profile

Actions
Copy link

Bug #3391

closed

Unable to spoof templates as non-admin

Added by Max San over 11 years ago. Updated about 11 years ago.

Status:
Duplicate
Priority:
Normal
Assignee:
-
Category:
Users, Roles and Permissions
Target version:
-
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

In Foreman 1.3.0 it is not possible to spoof templates as non-admin users. It will just show a standard "We're sorry, but something went wrong." error message and throw exception in the log. Even with all ACL turned on the template will not be visible but as soon as you assign the user admin access the template can be spoofed. Log file attached.

Files

foreman-spoof-template-log.txt foreman-spoof-template-log.txt 16.5 KB Max San, 10/21/2013 04:16 PM

Related issues 1 (0 open1 closed)

Is duplicate of Foreman - Bug #2892: unattended spoof mode only work for an administratorResolved08/07/2013Actions
Actions
Copy link
 #1

Updated by Dominic Cleal over 11 years ago

  • Category set to Users, Roles and Permissions
Actions
Copy link
 #2

Updated by Lukas Zapletal over 11 years ago

Reproduced.

Actions
Copy link
 #3

Updated by Lukas Zapletal over 11 years ago

Hmmm I am not sure why we call authorize method even when it is not supposed to be called:

  FILTERS.each do |f|
    define_method("#{f}_with_unattended") do
      send("#{f}_without_unattended") if params.keys.include?("spoof")
    end
    alias_method_chain f, :unattended
  end
Actions
Copy link
 #4

Updated by Dominic Cleal about 11 years ago

  • Is duplicate of Bug #2892: unattended spoof mode only work for an administrator added
Actions
Copy link
 #5

Updated by Dominic Cleal about 11 years ago

  • Status changed from New to Duplicate
Actions
Copy link

Also available in: Atom PDF