Bug #35153
closed
Katello 403 after pressing Sync button on a repository page
Added by Rossen G over 2 years ago.
Updated about 1 year ago.
Category:
Roles and Permissions
|
|
Description
I've created a user with a role limiting permissions to only be able to manage products and repositories. Includes permission to see tasks.]
1. Inside a product, select repository, and press "Sync Now", leads to task page with the sync task
2. Inside the repository, selecting either "Sync Now" or "Advanced Sync", leads to a Katello 403 page. The sync task is still created.
The issue is in that second case. Admin users do not experience the issue.
- Target version set to Katello Backlog
Looks like an issue with permissions. Could you please provide information so we can reproduce the issue?
Thank you.
What kind of information do you need?
1. Create a non admin account, create role that has all product permission, give the role to the user so that the user has the role + default.
2. Create a product and repository
3. Go on the repository settings page, and select sync from the action menu top right
4. Get katello 403 error page
- Category set to Roles and Permissions
- Target version changed from Katello Backlog to Katello 4.6.0
- Triaged changed from No to Yes
- Target version changed from Katello 4.6.0 to Katello 4.8.0
- Status changed from New to Ready For Testing
- Assignee set to Samir Jha
- Pull request https://github.com/Katello/katello/pull/10378 added
- Fixed in Releases Katello 4.8.0 added
- Status changed from Ready For Testing to Closed
- Target version changed from Katello 4.8.0 to Katello 4.7.0
- Triaged changed from Yes to No
- Triaged changed from No to Yes
- Pull request https://github.com/Katello/katello/pull/10385 added
- Pull request https://github.com/Katello/katello/pull/10743 added
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by 
Updated by