Project

General

Profile

Bug #5696

Migration of Admin users from 1.4 -> 1.5 results in "Role Name_username" roles that cannot be removed and cleaned up.

Added by Derek Wright over 5 years ago. Updated over 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Authorization
Target version:
Difficulty:
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:

Description

Initially produced by exporting prod Foreman 1.4.2 DB into vagrant instance for upgrade testing. After upgrading vagrant instance to 1.5, users marked as Admin had migration roles created but no "Roles" tab under their username to clean up the old roles. Migration may need to skip users marked as "Admin" or, before migration, remove Admin role from users (other than the Foreman default user admin).


Related issues

Has duplicate Foreman - Bug #5695: Administrator checkbox is not visible when editing a userDuplicate2014-05-13
Has duplicate Foreman - Bug #6259: Administrator user privileges cannot be demotedDuplicate2014-06-17
Blocks Foreman - Tracker #4552: New permissions/authorization system issuesNew

Associated revisions

Revision 78ccb985 (diff)
Added by Marek Hulán over 5 years ago

Fixes #5696 - Allow taxonomy and roles display

Revision be5fff8c (diff)
Added by Marek Hulán over 5 years ago

Fixes #5696 - Allow taxonomy and roles display

(cherry picked from commit 78ccb98504de455dcfa113df52f54f890a511ec4)

History

#1 Updated by Dominic Cleal over 5 years ago

  • Blocks Tracker #4552: New permissions/authorization system issues added

#2 Updated by Dominic Cleal over 5 years ago

  • Category set to DB migrations

#3 Updated by Derek Wright over 5 years ago

Also another note, when setting Admin on an individual user after the Upgrade to 1.5, their roles tab is no longer available. There is no way (that I can see in the UI) to remove admin privs from that user afterwards.

#4 Updated by Marek Hulán over 5 years ago

  • Category changed from DB migrations to Authorization
  • Status changed from New to Assigned
  • Assignee set to Marek Hulán
  • Target version set to 1.8.3

The problem is that we don't display form in case when we try to edit another admin user or we try to edit our own profile. Which is definitely a bug because there is no way to modify admin's permissions/orgs/locs. It's not related to new permissions, this was added in https://github.com/theforeman/foreman/pull/1191 not sure why yet. Is the correct behaviour to display it to anybody with :edit_users permission on a particular user maybe even if I'm editing myself?

#5 Updated by Marek Hulán over 5 years ago

  • Status changed from Assigned to Ready For Testing

#6 Updated by Dmitri Dolguikh over 5 years ago

  • Target version changed from 1.8.3 to 1.8.2

#7 Updated by Dominic Cleal over 5 years ago

  • Legacy Backlogs Release (now unused) set to 16

#8 Updated by Marek Hulán over 5 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#9 Updated by Dominic Cleal over 5 years ago

  • Bugzilla link set to https://bugzilla.redhat.com/show_bug.cgi?id=1105570

#10 Updated by Dominic Cleal over 5 years ago

  • Has duplicate Bug #5695: Administrator checkbox is not visible when editing a user added

#11 Updated by Dominic Cleal over 5 years ago

  • Has duplicate Bug #6259: Administrator user privileges cannot be demoted added

Also available in: Atom PDF