Bug #5696

Migration of Admin users from 1.4 -> 1.5 results in "Role Name_username" roles that cannot be removed and cleaned up.

Added by Derek Wright about 4 years ago. Updated 6 days ago.

Status:Closed
Priority:Normal
Assignee:Marek Hulán
Category:Authorization
Target version:1.5.1
Difficulty: Team Backlog:
Triaged: Fixed in Releases:
Bugzilla link:1105570 Found in Releases:1.5.0
Pull request:

Description

Initially produced by exporting prod Foreman 1.4.2 DB into vagrant instance for upgrade testing. After upgrading vagrant instance to 1.5, users marked as Admin had migration roles created but no "Roles" tab under their username to clean up the old roles. Migration may need to skip users marked as "Admin" or, before migration, remove Admin role from users (other than the Foreman default user admin).


Related issues

Duplicated by Foreman - Bug #5695: Administrator checkbox is not visible when editing a user Duplicate 05/13/2014
Duplicated by Foreman - Bug #6259: Administrator user privileges cannot be demoted Duplicate 06/17/2014
Blocks Foreman - Tracker #4552: New permissions/authorization system issues New 03/05/2014

Associated revisions

Revision 78ccb985
Added by Marek Hulán about 4 years ago

Fixes #5696 - Allow taxonomy and roles display

Revision be5fff8c
Added by Marek Hulán about 4 years ago

Fixes #5696 - Allow taxonomy and roles display

(cherry picked from commit 78ccb98504de455dcfa113df52f54f890a511ec4)

History

#1 Updated by Dominic Cleal about 4 years ago

  • Blocks Tracker #4552: New permissions/authorization system issues added

#2 Updated by Dominic Cleal about 4 years ago

  • Category set to DB migrations

#3 Updated by Derek Wright about 4 years ago

Also another note, when setting Admin on an individual user after the Upgrade to 1.5, their roles tab is no longer available. There is no way (that I can see in the UI) to remove admin privs from that user afterwards.

#4 Updated by Marek Hulán about 4 years ago

  • Category changed from DB migrations to Authorization
  • Status changed from New to Assigned
  • Assignee set to Marek Hulán
  • Target version set to 1.8.3

The problem is that we don't display form in case when we try to edit another admin user or we try to edit our own profile. Which is definitely a bug because there is no way to modify admin's permissions/orgs/locs. It's not related to new permissions, this was added in https://github.com/theforeman/foreman/pull/1191 not sure why yet. Is the correct behaviour to display it to anybody with :edit_users permission on a particular user maybe even if I'm editing myself?

#5 Updated by Marek Hulán about 4 years ago

  • Status changed from Assigned to Ready For Testing

#6 Updated by Dmitri Dolguikh about 4 years ago

  • Target version changed from 1.8.3 to 1.8.2

#7 Updated by Dominic Cleal about 4 years ago

  • Legacy Backlogs Release (now unused) set to 16

#8 Updated by Marek Hulán about 4 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#9 Updated by Dominic Cleal about 4 years ago

  • Bugzilla link set to https://bugzilla.redhat.com/show_bug.cgi?id=1105570

#10 Updated by Dominic Cleal about 4 years ago

  • Duplicated by Bug #5695: Administrator checkbox is not visible when editing a user added

#11 Updated by Dominic Cleal about 4 years ago

  • Duplicated by Bug #6259: Administrator user privileges cannot be demoted added

Also available in: Atom PDF