Project

General

Profile

Bug #3549

hostgroups can only be edited by a user with Administrator rights

Added by m w over 9 years ago. Updated almost 5 years ago.

Status:
Resolved
Priority:
High
Assignee:
-
Category:
Users, Roles and Permissions
Target version:
1.5.0
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Using foreman version 1.3.0, a user with no filters in a role with all permissions (such as the default Manager role) cannot view or edit hostgroups.

New hostgroups can be created and edited.

/hostgroups doesn't show any hostgroups not created by that user

/hostgroups/<hostgroupid>/edit results in Host Group Not Found. Log shows

Started GET "/hostgroups/7-aix-db/edit" for 172.27.174.10 at 2013-10-30 14:01:01 -0400
Processing by HostgroupsController#edit as HTML
Parameters: {"id"=>"7-aix-db"}
Rendered common/404.html.erb within layouts/application (0.5ms)
Rendered home/_user_dropdown.html.erb (7.1ms)
Read fragment views/tabs_and_title_records-10 (0.1ms)
Rendered home/_org_switcher.html.erb (0.0ms)
Rendered home/_settings.html.erb (13.4ms)
Write fragment views/tabs_and_title_records-10 (1.1ms)
Rendered home/_topbar.html.erb (23.2ms)
Completed 404 Not Found in 46ms (Views: 33.3ms | ActiveRecord: 2.4ms)

Related issues

Related to Foreman - Bug #3595: Foreman 1.3.0: Creating a new hostgroup with included puppet Classes as an non admin user failsResolved2013-11-06

History

#1 Updated by Dominic Cleal over 9 years ago

  • Category set to Users, Roles and Permissions

#2 Updated by m w over 9 years ago

This issue exists in foreman 1.2.2 as well.

#3 Updated by Dominic Cleal over 9 years ago

  • Related to Bug #3595: Foreman 1.3.0: Creating a new hostgroup with included puppet Classes as an non admin user fails added

#4 Updated by m w about 9 years ago

This issue still exists in foreman 1.4.2

#5 Updated by Dominic Cleal about 9 years ago

  • Status changed from New to Feedback

Would you be able to re-test on Foreman nightlies (1.5)? The authorisation system has been rewritten to be more powerful, and Foreman has been updated throughout. I've given it a quick test on Foreman 1.5 and it seems to work fine, unfortunately I don't have 1.4 to hand to double check the steps there.

http://projects.theforeman.org/projects/foreman/wiki/Auth_testing_for_Foreman_15 has some more information.

#6 Updated by m w about 9 years ago

Works great in 1.5! Thanks.

#7 Updated by Dominic Cleal about 9 years ago

  • Status changed from Feedback to Resolved
  • Target version set to 1.8.4
  • % Done changed from 0 to 100
  • Legacy Backlogs Release (now unused) set to 4

Thanks for confirming!

Also available in: Atom PDF