Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1516684 - Unable to refresh/submit user groups with linked external group used for Ldap auth
Summary: Unable to refresh/submit user groups with linked external group used for Ldap...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Satellite 6
Classification: Red Hat
Component: LDAP
Version: 6.3.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium vote
Target Milestone: Unspecified
Assignee: Marek Hulan
QA Contact: Sanket Jagtap
URL:
Whiteboard:
Depends On:
Blocks: 1404507
TreeView+ depends on / blocked
 
Reported: 2017-11-23 09:34 UTC by Sanket Jagtap
Modified: 2019-04-01 20:27 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-02-21 16:54:37 UTC


Attachments (Terms of Use)
Whole traceback from UI on refresh (deleted)
2017-11-23 09:34 UTC, Sanket Jagtap
no flags Details
Whole traceback from UI on submit (deleted)
2017-11-23 09:36 UTC, Sanket Jagtap
no flags Details


Links
System ID Priority Status Summary Last Updated
Github /theforeman/foreman/commit/60b7b98d42b905084acd63515c823ac965b608 None None None 2017-12-20 12:55:16 UTC
Foreman Issue Tracker 11153 None None None 2017-12-11 12:26:59 UTC
Red Hat Bugzilla 1526757 None None None Never

Description Sanket Jagtap 2017-11-23 09:34:46 UTC
Created attachment 1358088 [details]
Whole traceback from UI on refresh

Description of problem:


Version-Release number of selected component (if applicable):
Build : Satellite 6.3.0 snap 25

How reproducible:
Always

Steps to Reproduce:
1. Add a external Auth source. Here I added a IDM 
2. Create a Usergroup
3. Associate the external group from LDAP to the create user group
4. Try and hit refresh for the external linked user group


Actual results:
1 )Traceback for refresh
Oops, we're sorry but something went wrong Missing template external_usergroups/refresh, application/refresh with {:locale=>[:en], :formats=>[:html], :variants=>[], :handlers=>[:erb, :builder, :raw, :ruby, :rabl]}. Searched in: * "/usr/share/foreman/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-0.7.10/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_remote_execution-1.3.7/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_theme_satellite-1.0.4.12/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/redhat_access-2.0.12/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_virt_who_configure-0.1.8/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_bootdisk-9.0.0/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_discovery-9.1.5/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/katello-3.4.5.27/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/bastion-5.1.1/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman_docker-3.1.0/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/foreman-tasks-0.9.6/app/views" * "/opt/theforeman/tfm/root/usr/share/gems/gems/apipie-rails-0.5.4/app/views"

2) Traceback on submitting the usergroup
Oops, we're sorry but something went wrong stack level too deep

Expected results:
The user group should be refreshed successfully

Additional info:
I am unable to configure user group with LDAP external groups
Also , a regression from 6.2

Comment 2 Sanket Jagtap 2017-11-23 09:36:14 UTC
Created attachment 1358089 [details]
Whole traceback from UI on submit

Comment 3 Daniel Lobato Garcia 2017-11-23 13:28:48 UTC
Could you provide more details about the structure of the LDAP user group you're trying to add? Does it work with other auth sources? If I'm not wrong this was working on other snaps, so I'd like to be able to reproduce to fix it asap.

Thanks Sanket!

Comment 4 Sanket Jagtap 2017-11-23 14:14:19 UTC
I tried with both AD and IDM. Both got me same traceback on refresh. I can provide you the reproducer.

 I am not sure, when this was broken.

Comment 7 pm-sat@redhat.com 2017-12-13 13:09:31 UTC
Moving this bug to POST for triage into Satellite 6 since the upstream issue http://projects.theforeman.org/issues/11153 has been resolved.

Comment 8 Sanket Jagtap 2017-12-18 07:16:31 UTC
Build: Satellite 6.3.0 snap 29

I was unable to create a Usergroup with external group , when clicked on Submit i get a Traceback

PFA,

Comment 10 Sanket Jagtap 2017-12-18 07:36:50 UTC
Comment https://bugzilla.redhat.com/show_bug.cgi?id=1516684#c8 happens when I add the IPA LDAP Auth source with some user other than admin.

When I try the same with admin user I am able to create Usergroup but when i refresh the linked external group I am still able to reproduce the Original error from https://bugzilla.redhat.com/show_bug.cgi?id=1516684#c0
PFA https://bugzilla.redhat.com/attachment.cgi?id=1358088

Comment 11 Marek Hulan 2017-12-19 18:06:50 UTC
> Comment https://bugzilla.redhat.com/show_bug.cgi?id=1516684#c8 happens when I add the IPA LDAP Auth source with some user other than admin.

you're hitting separate issue, this was fixed it for updating existing auth source, creation was missed :-( I'll address this together with the proper fix

> When I try the same with admin user I am able to create Usergroup but when i
> refresh the linked external group I am still able to reproduce the Original error 
> from https://bugzilla.redhat.com/show_bug.cgi?id=1516684#c0

this was introduced by a different commit that was cherrypicked together, I've opened another PR upstream that will need to be cherrypicked, once the PR is merged - https://github.com/theforeman/foreman/pull/5102

Comment 12 Marek Hulan 2017-12-20 11:01:24 UTC
Ready for another cherrypick, this time https://github.com/theforeman/foreman/commit/60b7b98d42b905084acd63515c823ac965b608a4 is needed

Comment 13 Sanket Jagtap 2017-12-27 06:47:16 UTC
Build: Satellite 6.3.0 snap30 

I am able to add the LDAP Auth, tested with AD and IDM
I was able to create usergroup and associate external usergroup from auth sources.
The users in the user group from auth sources successfully inherited the permissions from the user group
I was able to refresh the external groups.
No error or traceback was seen

Comment 14 Nagoor Shaik 2017-12-27 11:29:49 UTC
*** Bug 1526757 has been marked as a duplicate of this bug. ***

Comment 15 pm-sat@redhat.com 2018-02-21 16:54:37 UTC
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.
> > 
> > For information on the advisory, and where to find the updated files, follow the link below.
> > 
> > If the solution does not work for you, open a new bug report.
> > 
> > https://access.redhat.com/errata/RHSA-2018:0336


Note You need to log in before you can comment on or make changes to this bug.