Bug #9100
closed
Katello permissions not working on user groups
Description
Currently, permissions in Katello (view_lifecycle_environments,etc...) are not being properly used when inherited from a user group. Katello permissions work well when assigned directly to an user.
Steps I followed (on nightly):
1) As admin, create a user without any roles, or taxonomies.
2) Log in as said user. It doesn't show anything that requires a permission as expected.
3) As admin create a role, with three filters to view lifecycle environments, activation keys, and compute resources
4) As admin, create an user group, and add the previously created user and role to it.
5) Refresh the page with the non-admin user. You should see the Content menu with Lifecycle Environments, Activation Keys and Compute Resources, as expected.
6) Click on any of Lifecycle Environments and Activation Keys. You will get a 403 and a Permission denied error.
7) Click on Infrastructure > Compute Resources. It will show the list of compute resources
Expected results:
'Katello' roles inherited from user groups should work on users.
Actual results:
"Permission Denied" message seen when providing roles to user_groups.
Updated by Eric Helms about 10 years ago
- Target version set to 66
- Translation missing: en.field_release set to 23
- Triaged changed from No to Yes
Updated by Eric Helms about 10 years ago
- Status changed from New to Need more information
Is this a Katello only issue or an all plugins issue? Since we are using the Foreman permission system entirely, this would at my first glance, appear to be more of an issue with how the permissions are being handled by Foreman and potentially related to plugins themselves?
Updated by Daniel Lobato Garcia about 10 years ago
Seems like Katello only, I tried granting PuppetDB dashboard and Docker management roles through an user group and these permissions are transferred properly.
Updated by Eric Helms almost 10 years ago
- Category set to Web UI
- Assignee set to Eric Helms
Updated by Eric Helms almost 10 years ago
- Status changed from Need more information to Assigned
- Translation missing: en.field_release changed from 23 to 33
Updated by The Foreman Bot almost 10 years ago
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/Katello/bastion/pull/41 added
- Pull request deleted (
)
Updated by Eric Helms almost 10 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset bastion:commit:bastion|a78e4a115d7b312be36cb9371db990134b3ba47d.