Bug #5612
closed
Foreman API v1 & v2 do not display common_parameters for non-admin users
Description
ENV:
Puppet: 3.5.1
Foreman :1.5.0RC2
We have a non-admin user called foreman that we use for API queries to pull down facts, parameters, hostgroups, classes, and global_parameters and it uses this to generate templates. Basically it needs to know parameters from other hosts, and global parameters.
The ruby code basically queries the API at https://hostname:port/api/common_parameters to fetch global parameters. This no longer seems to work at all for this non-admin user. It has view/viewer roles. The admin user works fine. If we call specific parameters, it will work, e.g.: https://hostname:port/api/common_parameters/test displays the expected result. Also, the same symptoms occur if we use Hammer with the foreman user. No results are displayed.
However, permissions are fine and we can login to the Foreman UI and see global parameters, hosts, hostgroups, etc. Just fine.
Seems like a regression. The last version we tested and it worked on was Foreman 1.4.
Updated by Dominic Cleal over 10 years ago
- Category changed from 65 to Users, Roles and Permissions
- Status changed from New to Assigned
- Assignee changed from Martin Bacovsky to Dominic Cleal
- Target version set to 1.8.3
- Translation missing: en.field_release changed from 4 to 16
Thanks, reproduced successfully. It's trying to look up permissions for Parameter, not CommonParameter.
Also affected are the /api/v2/*/parameters routes, which try to look up permissions "view_domains_parameters" etc.
Updated by Dominic Cleal over 10 years ago
- Blocks Tracker #4552: New permissions/authorization system issues added
Updated by Dominic Cleal over 10 years ago
- Status changed from Assigned to Ready For Testing
Updated by Jason Knudsen over 10 years ago
Awesome. Thanks for the quick turnaround on that - confirmed it's working in our lab!
Updated by Dominic Cleal over 10 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 7cb05aa94e942bd3917c6cde33957288ea84a735.
Updated by Dominic Cleal over 10 years ago
- Translation missing: en.field_release changed from 16 to 4
Updated by Dominic Cleal over 10 years ago
Jason Knudsen wrote:
Awesome. Thanks for the quick turnaround on that - confirmed it's working in our lab!
Great, it'll be in 1.5.0 final. Thanks for helping test the RCs!