Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1516510 - All available permissions are not inherited by a user with multiple roles.
Summary: All available permissions are not inherited by a user with multiple roles.
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine
Version: 4.1.6
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: ---
Assignee: nobody nobody
QA Contact: meital avital
Depends On:
TreeView+ depends on / blocked
Reported: 2017-11-22 19:30 UTC by Ameya Charekar
Modified: 2018-05-06 08:56 UTC (History)
11 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2018-03-20 18:36:19 UTC
oVirt Team: Virt
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 3433401 None None None 2018-05-06 08:56:33 UTC

Description Ameya Charekar 2017-11-22 19:30:06 UTC
Description of problem:

All available permissions are not inherited by a user with multiple roles and user only has least permissions available.

How reproducible:

Steps to Reproduce:
1. Create non-admin user.

2. Add "VMCreator" role to this user for a VM in down state from admin portal (Virtual Machines tab -> Permissions). Login to user portal with this user, "Initial Run" menu is available when we edit VM.

3. Add additional "InstanceCreator" role to this user for this VM from admin portal. Now "Initial Run" menu is no longer available from user portal after login out and login in.

Actual results:
User has least available permissions i.e. of "InstanceCreator" role.

Expected results:
User should have highest available permissions i.e. "Initial Run" with above roles.

Additional info:

Comment 1 Michal Skrivanek 2017-11-22 21:43:12 UTC
Note the UP is removed in 4.2, and the functionality you describe is not present in the VM Portal.

Comment 9 Marina 2018-03-20 18:36:19 UTC
As I see it, there is only cloud-init part that is missing from the VM Portal now, from the Initial Run dialog. And as the user has enough permissions to login to the Admin Portal, it can be handled there and I am fine not having that functionality exposed to the VM portal and having this bug not relevant. Closing. 
Thanks everyone!

Note You need to log in before you can comment on or make changes to this bug.