Project

General

Profile

Actions
Copy link

Bug #9963

closed

Upgrade from 1.2 to 2.0 fails with "some permissions were not found" ArgumentError

Added by Lukas Zapletal about 9 years ago. Updated almost 8 years ago.

Status:
Closed
Priority:
High
Assignee:
-
Category:
Discovery plugin
Target version:
Discovery Plugin 2.0.3
Difficulty:
Triaged:
Bugzilla link:
Pull request:
https://github.com/theforeman/foreman_discovery/pull/176
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Permissions were added in the 1.2 version of the plugin (44a0746680407fc009377b1f3abe35c336bf40db). Later on (in 1.3) we have added "Host" resource_type for discovery hosts permissions in version 1.3 (7bd2ab66240c494cdbc9a8ba33ef6fb82a3734bf) which worked for the first time. But this created four extra permissions leaving the old in the database:

#<Permission id: 152, name: "view_discovered_hosts", resource_type: nil,
#<Permission id: 153, name: "provision_discovered_hosts", resource_type: nil,
#<Permission id: 154, name: "edit_discovered_hosts", resource_type: nil,
#<Permission id: 155, name: "destroy_discovered_hosts", resource_type: nil,

#<Permission id: 156, name: "view_discovered_hosts", resource_type: "Host",
#<Permission id: 157, name: "provision_discovered_hosts", resource_type:
#<Permission id: 158, name: "edit_discovered_hosts", resource_type: "Host",
#<Permission id: 159, name: "destroy_discovered_hosts", resource_type: "Host",

#<Permission id: 171, name: "view_discovery_rules", resource_type: nil,
#<Permission id: 172, name: "new_discovery_rules", resource_type: nil,
#<Permission id: 173, name: "edit_discovery_rules", resource_type: nil,
#<Permission id: 174, name: "execute_discovery_rules", resource_type: nil,
#<Permission id: 175, name: "delete_discovery_rules", resource_type: nil,

From now on, everytime we touched "Discovery" role it failed because the check in Foreman Core.

WORKAROUND: In /usr/share/foreman/lib/foreman_discovery/engine.rb comment out the two lines:

role "Discovery Manager", [:view_discovered_hosts, ... ]
role "Discovery Reader", [:view_discovered_hosts, ... ]

Then migrate, restart, remove all user-role associations for these roles, delete those roles. Then uncomment these lines, restart Foreman and those roles will appear back. Assign the roles as expected.

SOLUTION: Delete the extra permissions without resource_type defined (nil). We can do this in a migration which will fix for all users which are currently upgrading from 1.2 version. For those who already upgraded, they must use the workaround from above, or we could add the hack into engine.rb.

Related issues 1 (0 open1 closed)

Related to Foreman - Bug #13529: Duplicate permissions are allowed and not recognizedClosedShlomi Zadok02/02/2016Actions
Actions
Copy link

Also available in: Atom PDF