Bug #5541
closedFilter of resource type Organization can result in error condition when trying to access organization resources
Description
1. Create new role
2. Create new user
3. Assign user to new role
4. Add filter to role of resource type 'Organization', select 'edit_organization' verb
5. Click organizations tab and select 'ACME_Corporation'
6. As the new user, with only the new role, do a PUT to /api/v2/organizations/1
Error Output:
{
"error": {
"message": "Field 'organization_id' not recognized for searching!",
"class": "ScopedSearch::QueryNotSupported"
}
}
Updated by Dominic Cleal over 10 years ago
- Category set to Users, Roles and Permissions
Updated by Dominic Cleal over 10 years ago
- Related to Bug #5397: Architectures filter blows up if an organization is selected added
Updated by Dominic Cleal over 10 years ago
- Blocks Tracker #4552: New permissions/authorization system issues added
Updated by Dominic Cleal over 10 years ago
- Translation missing: en.field_release set to 16
Updated by Marek Hulán over 10 years ago
- Status changed from New to Need more information
Could you please retest with develop branch? I think this was fixed in #5664 since you can't set taxonomy filters for resources that do not support it. See https://github.com/theforeman/foreman/commit/82b4749eeddabc542ebf1eaec6fdf2d76d2fdd75 for more details.
Updated by Marek Hulán over 10 years ago
- Related to deleted (Bug #5397: Architectures filter blows up if an organization is selected)
Updated by Marek Hulán over 10 years ago
- Is duplicate of Bug #5397: Architectures filter blows up if an organization is selected added
Updated by Dominic Cleal over 10 years ago
- Status changed from Need more information to Duplicate
Updated by Dominic Cleal over 10 years ago
- Status changed from Duplicate to Feedback
- Target version deleted (
1.8.2) - Translation missing: en.field_release deleted (
16)
Updated by Dominic Cleal over 10 years ago
- Related to Bug #5664: Users permissions on hosts are not working properly with organizations added
Updated by Bryan Kearney over 10 years ago
- Bugzilla link set to https://bugzilla.redhat.com/show_bug.cgi?id=1098709
Updated by Eric Helms over 10 years ago
- Status changed from Feedback to New
While this has been fixed via taxonomy hiding for resource types that don't support it, the bug is still possible the API. For example,
POST /api/v2/filters
{
"role_id": 9,
"permission_ids": [98],
"organization_ids": [1]
}
Result:
{
"id": 152,
"search": null,
"resource_type": "Organization",
"unlimited?": true,
"created_at": "2014-08-14T13:12:59Z",
"updated_at": "2014-08-14T13:12:59Z",
"role": {
"name": "Test Role",
"id": 9
},
"permissions": [
{
"name": "edit_organizations",
"id": 98,
"resource_type": "Organization"
}
],
"organizations": [
{
"id": 1,
"name": "Default_Organization"
}
],
}
Updated by Marek Hulán over 10 years ago
- Status changed from New to Assigned
- Assignee set to Marek Hulán
- Target version set to 1.7.4
Updated by The Foreman Bot over 10 years ago
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/1726 added
- Pull request deleted (
)
Updated by Anonymous over 10 years ago
- Target version changed from 1.7.4 to 1.7.3
Updated by Dominic Cleal over 10 years ago
- Translation missing: en.field_release set to 21
Updated by Marek Hulán over 10 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 0b1527e4697b44b3d02334b96883f5407f991f66.
Updated by Dominic Cleal about 10 years ago
- Related to Bug #7615: Unable to create a non-taxonomy role filter when current context set added