Project

General

Profile

Actions

Bug #5612

closed

Foreman API v1 & v2 do not display common_parameters for non-admin users

Added by Jason Knudsen over 10 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Users, Roles and Permissions
Target version:
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

ENV:
Puppet: 3.5.1
Foreman :1.5.0RC2

We have a non-admin user called foreman that we use for API queries to pull down facts, parameters, hostgroups, classes, and global_parameters and it uses this to generate templates. Basically it needs to know parameters from other hosts, and global parameters.

The ruby code basically queries the API at https://hostname:port/api/common_parameters to fetch global parameters. This no longer seems to work at all for this non-admin user. It has view/viewer roles. The admin user works fine. If we call specific parameters, it will work, e.g.: https://hostname:port/api/common_parameters/test displays the expected result. Also, the same symptoms occur if we use Hammer with the foreman user. No results are displayed.

However, permissions are fine and we can login to the Foreman UI and see global parameters, hosts, hostgroups, etc. Just fine.

Seems like a regression. The last version we tested and it worked on was Foreman 1.4.


Related issues 1 (1 open0 closed)

Blocks Foreman - Tracker #4552: New permissions/authorization system issuesNew

Actions
Actions #1

Updated by Dominic Cleal over 10 years ago

  • Category changed from 65 to Users, Roles and Permissions
  • Status changed from New to Assigned
  • Assignee changed from Martin Bacovsky to Dominic Cleal
  • Target version set to 1.8.3
  • Translation missing: en.field_release changed from 4 to 16

Thanks, reproduced successfully. It's trying to look up permissions for Parameter, not CommonParameter.

Also affected are the /api/v2/*/parameters routes, which try to look up permissions "view_domains_parameters" etc.

Actions #2

Updated by Dominic Cleal over 10 years ago

  • Blocks Tracker #4552: New permissions/authorization system issues added
Actions #3

Updated by Dominic Cleal over 10 years ago

  • Status changed from Assigned to Ready For Testing
Actions #4

Updated by Jason Knudsen over 10 years ago

Awesome. Thanks for the quick turnaround on that - confirmed it's working in our lab!

Actions #5

Updated by Dominic Cleal over 10 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions #6

Updated by Dominic Cleal over 10 years ago

  • Translation missing: en.field_release changed from 16 to 4
Actions #7

Updated by Dominic Cleal over 10 years ago

Jason Knudsen wrote:

Awesome. Thanks for the quick turnaround on that - confirmed it's working in our lab!

Great, it'll be in 1.5.0 final. Thanks for helping test the RCs!

Actions

Also available in: Atom PDF