Bug #3549
closed
hostgroups can only be edited by a user with Administrator rights
Description
Using foreman version 1.3.0, a user with no filters in a role with all permissions (such as the default Manager role) cannot view or edit hostgroups.
New hostgroups can be created and edited.
/hostgroups doesn't show any hostgroups not created by that user
/hostgroups/<hostgroupid>/edit results in Host Group Not Found. Log shows
Started GET "/hostgroups/7-aix-db/edit" for 172.27.174.10 at 2013-10-30 14:01:01 -0400
Processing by HostgroupsController#edit as HTML
Parameters: {"id"=>"7-aix-db"}
Rendered common/404.html.erb within layouts/application (0.5ms)
Rendered home/_user_dropdown.html.erb (7.1ms)
Read fragment views/tabs_and_title_records-10 (0.1ms)
Rendered home/_org_switcher.html.erb (0.0ms)
Rendered home/_settings.html.erb (13.4ms)
Write fragment views/tabs_and_title_records-10 (1.1ms)
Rendered home/_topbar.html.erb (23.2ms)
Completed 404 Not Found in 46ms (Views: 33.3ms | ActiveRecord: 2.4ms)
Updated by Dominic Cleal over 11 years ago
- Category set to Users, Roles and Permissions
Updated by
Updated by Dominic Cleal over 11 years ago
- Related to Bug #3595: Foreman 1.3.0: Creating a new hostgroup with included puppet Classes as an non admin user fails added
Updated by Dominic Cleal about 11 years ago
- Status changed from New to Feedback
Would you be able to re-test on Foreman nightlies (1.5)? The authorisation system has been rewritten to be more powerful, and Foreman has been updated throughout. I've given it a quick test on Foreman 1.5 and it seems to work fine, unfortunately I don't have 1.4 to hand to double check the steps there.
http://projects.theforeman.org/projects/foreman/wiki/Auth_testing_for_Foreman_15 has some more information.
Updated by Dominic Cleal about 11 years ago
- Status changed from Feedback to Resolved
- Target version set to 1.8.4
- % Done changed from 0 to 100
- Translation missing: en.field_release set to 4
Thanks for confirming!