Project

General

Profile

Feature #3976

Need Read-Only user Role pre-defined and available post installation

Added by Mike McCune over 5 years ago. Updated 10 months ago.

Status:
Closed
Priority:
Normal
Category:
Security
Target version:
Difficulty:
Triaged:
Bugzilla link:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

A common use case is to grant users 'read-only' roles so they can login, monitor, view and audit configuration and runtime data.

Katello shipped with this pre-defined role available post installation.

We lost this when we moved to Foreman as the core engine and need this added along with the new permission system in Foreman.


Related issues

Related to Foreman - Bug #7213: Tests are failing for plug-in due to permissions being created outside of seedsClosed2014-08-21

Associated revisions

Revision 7cb41918 (diff)
Added by Daniel Lobato Garcia almost 5 years ago

Fixes #3976 - Add all view_ permissions to viewer user role

This PR tests that there is a match between foreman access control and
permissions seeded by the db script. It also checks all seeded view_
permissions are part of the viewer role.

History

#1 Updated by Dmitri Dolguikh about 5 years ago

  • Target version set to 1.9.0

#2 Updated by Dominic Cleal about 5 years ago

  • Assignee deleted (Marek Hul├ín)

#3 Updated by Dmitri Dolguikh about 5 years ago

  • Target version changed from 1.9.0 to 1.8.4

#4 Updated by Dmitri Dolguikh about 5 years ago

  • Target version changed from 1.8.4 to 1.8.3

#5 Updated by Lukas Zapletal about 5 years ago

But isn't the "Viewer" role the case?

#6 Updated by Dominic Cleal about 5 years ago

Lukas Zapletal wrote:

But isn't the "Viewer" role the case?

Indeed, I think it is. I looked briefly at it and found it was missing quite a few view_* permissions, so all we probably need to do is update it. I'd even be inclined to add a test to check it has all view_* permissions so we don't let it get out of sync again.

#7 Updated by Dmitri Dolguikh about 5 years ago

  • Target version deleted (1.8.3)

#8 Updated by Ohad Levy almost 5 years ago

  • Legacy Backlogs Release (now unused) set to 10

#9 Updated by Ohad Levy almost 5 years ago

  • Target version set to 1.7.5

#10 Updated by Dominic Cleal almost 5 years ago

  • Legacy Backlogs Release (now unused) deleted (10)

#11 Updated by Dominic Cleal almost 5 years ago

  • Status changed from New to Assigned
  • Assignee set to Daniel Lobato Garcia

#12 Updated by The Foreman Bot almost 5 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/1649 added
  • Pull request deleted ()

#13 Updated by Dominic Cleal almost 5 years ago

  • Legacy Backlogs Release (now unused) set to 21

#14 Updated by Daniel Lobato Garcia almost 5 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#15 Updated by Stephen Benjamin over 4 years ago

  • Related to Bug #7213: Tests are failing for plug-in due to permissions being created outside of seeds added

Also available in: Atom PDF