Bug #5909
closedEditing host fails for non-admin user with fact filter
Description
When a non-administrator tries edit anything about a host, this error is displayed. This includes, but is not limited to, adding or removing a class from a host, changing a parameter, or adding a comment. Role filters are attached as a screenshot.
ActiveRecord::ReadOnlyRecord
ActiveRecord::ReadOnlyRecord
app/models/concerns/foreman/sti.rb:29:in `save_with_type'
app/controllers/hosts_controller.rb:117:in `block in update'
app/models/taxonomy.rb:41:in `block in no_taxonomy_scope'
app/models/taxonomy.rb:48:in `block (2 levels) in as_taxonomy'
app/models/concerns/foreman/thread_session.rb:143:in `as_location'
app/models/taxonomy.rb:47:in `block in as_taxonomy'
app/models/concerns/foreman/thread_session.rb:108:in `as_org'
app/models/taxonomy.rb:46:in `as_taxonomy'
app/models/taxonomy.rb:40:in `no_taxonomy_scope'
app/controllers/hosts_controller.rb:109:in `update'
app/models/concerns/foreman/thread_session.rb:33:in `clear_thread'
lib/middleware/catch_json_parse_errors.rb:9:in `call'
Files
Updated by m w over 10 years ago
Started PUT "/hosts/abacus0.isis.unc.edu" for 152.19.250.39 at 2014-05-23 08:58:17 -0400
Processing by HostsController#update as */*
Parameters: {"utf8"=>"✓", "authenticity_token"=>"REMOVED", "host"=>{"name"=>"abacus0.isis.unc.edu", "hostgroup_id"=>"", "environment_id"=>"1", "puppet_ca_proxy_id"=>"1", "puppet_proxy_id"=>"1", "puppetclass_ids"=>["", "42", "47", "51", "717", "215", "217", "828", "407", "822"], "managed"=>"f", "progress_report_id"=>"[FILTERED]", "lookup_values_attributes"=>"[FILTERED]", "host_parameters_attributes"=>{"0"=>{"name"=>"sm_customer", "value"=>"[FILTERED]", "nested"=>"", "id"=>"1246"}, "1"=>{"name"=>"sudo__full_sudo_groups", "value"=>"[FILTERED]", "nested"=>"", "id"=>"829"}}, "is_owned_by"=>"2-Users", "enabled"=>"1", "model_id"=>"2", "comment"=>"", "overwrite"=>"false"}, "id"=>"abacus0.isis.unc.edu"}
Operation FAILED: ActiveRecord::ReadOnlyRecord
Rendered common/500.html.erb (4.2ms)
Completed 500 Internal Server Error in 145ms (Views: 5.0ms | ActiveRecord: 40.7ms)
Updated by m w over 10 years ago
Sorry, please downgrade this from High. This only seems to cause an error when the search is based on a fact:
Host/managed view_hosts, edit_hosts facts.customer = mycustomer
Updated by Adam Winberg almost 10 years ago
I' also getting this with 1.7.1 while setting while using a role with a search filter on "Host/managed" based on a fact. If I remove the filter and use 'unlimited' instead or filter on for example hostgroup, it works.
I would think this would've been resolved after 8 months, or can you not reproduce it? In a devop environment its pretty important to be able to filter host permissions based on facts.
Updated by Dominic Cleal almost 10 years ago
- Blocks Tracker #4552: New permissions/authorization system issues added
Updated by Dominic Cleal almost 10 years ago
- Category set to Users, Roles and Permissions
Updated by Anthony Lapenna almost 10 years ago
Same issue in 1.7.1 when a user try to override a class parameter.
Also got a role with a search filter on "Host/managed" based on a fact.
Updated by Dominic Cleal over 9 years ago
- Subject changed from removing class from a host fails for non-admin user to Editing host fails for non-admin user with fact filter
- Status changed from New to Assigned
- Assignee set to Dominic Cleal
Updated by The Foreman Bot over 9 years ago
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/2286 added
- Pull request deleted (
)
Updated by Marek Hulán over 9 years ago
- Translation missing: en.field_release set to 35
Updated by Dominic Cleal over 9 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 0d80512c3293895750ffda82489b719c38ec5612.
Updated by Dominic Cleal over 9 years ago
- Translation missing: en.field_release changed from 35 to 50