Users need locations added even if "All users" is ticked
I am using locations, but not organizations. I have several locations defined. I have "All users" ticked on the Users sub-tab within each location.
I am using authentication with LDAP backends. For my LDAP sources, I have "Automatically create accounts in Foreman" ticked. My accounts are filtered with an LDAP filter, and automatic account creation works fine. My Anonymous role (which applies to these users) has the "view_locations" permission granted.
However, when a user logs in, they are not able to view any locations under the Administer -> Locations menu. And the "Any Context" menu in the top left does not list any locations in its dropdown.
Using an admin user (or a user who can edit other users), I can add locations manually to a specific user. If this user re-logs in, then they are able to view locations as expected.
It seems like the "All users" being specified on the Users sub-tab of the Location is not taking effect. Or I'm not understanding its intended purpose.
Dominic and I discussed this on IRC some. I can provide any information that might help. This is a new Foreman setup that we're just getting underway.
#7 Updated by Kavita Gaikwad over 2 years ago
After debugging the issue, found few things as below.
1. Not only users tab but all sub-tabs under location/organization are having similar behaviour.
2. Whenever user selects check-box "All users", non-selected users remains in select panel not moved to selected panel. After saving the taxonomy, those changes are not taking effect.
3. Lets say "All users" option checked under location and we try to create new user. Location is neither showing on the UI i.e user creation form nor assigned to user after save.
But if you see under edit location page, new user is listed under "selected" panel on users sub tab.
Please could anyone provide more details on above points. Exactly, What should be the behaviour of "All select" check-box on each sub-tab under taxonomy.
#10 Updated by Marek Hulán over 1 year ago
The original issue reported here was already fixed by #16624 in Foreman 1.14. By assigning taxonomy to to LDAP auth source, all users auto-created from this auth source will be configured to be assigned into auth source's locations. The PR fixes the usability issue so that using ignore checkbox would be less confusing as it would in reality add real associations between the resources and a given taxonomy.