Feature #3976: Need Read-Only user Role pre-defined and available post installation - Foreman

Feature #3976

Need Read-Only user Role pre-defined and available post installation

Added by Mike McCune over 9 years ago. Updated almost 5 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Daniel Lobato Garcia

Category:

Security

Target version:

1.7.0

Difficulty:

Triaged:

Bugzilla link:

Pull request:

https://github.com/theforeman/foreman/pull/1649

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Description

A common use case is to grant users 'read-only' roles so they can login, monitor, view and audit configuration and runtime data.

Katello shipped with this pre-defined role available post installation.

We lost this when we moved to Foreman as the core engine and need this added along with the new permission system in Foreman.

Related issues

Associated revisions

Revision 7cb41918 (diff)
Added by Daniel Lobato Garcia almost 9 years ago

Fixes #3976 - Add all view_ permissions to viewer user role

This PR tests that there is a match between foreman access control and
permissions seeded by the db script. It also checks all seeded view_
permissions are part of the viewer role.

History

#1 Updated by Anonymous over 9 years ago

Target version set to 1.9.0

#2 Updated by Dominic Cleal about 9 years ago

Assignee deleted (~~Marek Hulán~~)

#3 Updated by Anonymous about 9 years ago

Target version changed from 1.9.0 to 1.8.4

#4 Updated by Anonymous about 9 years ago

Target version changed from 1.8.4 to 1.8.3

#5 Updated by Lukas Zapletal about 9 years ago

But isn't the "Viewer" role the case?

#6 Updated by Dominic Cleal about 9 years ago

Lukas Zapletal wrote:

But isn't the "Viewer" role the case?

Indeed, I think it is. I looked briefly at it and found it was missing quite a few view_* permissions, so all we probably need to do is update it. I'd even be inclined to add a test to check it has all view_* permissions so we don't let it get out of sync again.