Bug #5235

Filter creation allows me to enter and save with a field that isn't available for searching and blows up the resulting entity page

Added by Eric Helms over 4 years ago. Updated 8 days ago.

Status:Closed
Priority:High
Assignee:Dmitri Dolguikh
Category:Authorization
Target version:1.5.2
Difficulty: Team Backlog:
Triaged: Fixed in Releases:
Bugzilla link:1117832 Found in Releases:
Pull request:

Description

1. Create a New Role
2. Click to add new Filter
3. Select 'Domain'
4. Add all permissions for Domain
5. Enter 'anything = 4' into the Search box
6. click 'Submit' (Note: no validation to stop you from saving this invalid filter)
7. Grant Role to user without any other permissions
8. Log in as new user
9. Navigate to Domains page
10. Attempt to create a Domain

Error output "Invalid search query: Field 'anything' not recognized for searching!"


Related issues

Related to Foreman - Bug #6830: upgrade 1.4.5 to 1.5.2 results in "Invalid search query" ... Closed 07/30/2014
Blocks Foreman - Tracker #4552: New permissions/authorization system issues New 03/05/2014

Associated revisions

Revision 0545fd10
Added by Dmitri Dolguikh about 4 years ago

fixes #5235: it's impossible to create filters with invaid searches

Revision 4dbf7958
Added by Dmitri Dolguikh almost 4 years ago

fixes #5235: it's impossible to create filters with invaid searches

(cherry picked from commit 0545fd10e610f350e1b43783d3073ab2296bdf33)

History

#1 Updated by Dominic Cleal about 4 years ago

  • Category set to Authorization

#2 Updated by Dominic Cleal about 4 years ago

  • Blocks Tracker #4552: New permissions/authorization system issues added

#3 Updated by Dmitri Dolguikh about 4 years ago

  • Status changed from New to Assigned
  • Assignee set to Dmitri Dolguikh

#4 Updated by Dmitri Dolguikh about 4 years ago

  • Status changed from Assigned to Ready For Testing

#5 Updated by Dominic Cleal about 4 years ago

  • Target version set to 1.8.1

#6 Updated by Dmitri Dolguikh about 4 years ago

  • Target version changed from 1.8.1 to 1.8.0

#7 Updated by Dominic Cleal about 4 years ago

  • Legacy Backlogs Release (now unused) set to 18

#8 Updated by Anonymous about 4 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#9 Updated by Bryan Kearney about 4 years ago

  • Bugzilla link set to 1117832

#10 Updated by Dominic Cleal almost 4 years ago

  • Related to Bug #6830: upgrade 1.4.5 to 1.5.2 results in "Invalid search query" error added

Also available in: Atom PDF