Project

General

Profile

Actions
Copy link

Bug #47331

closed

mgr/dashboard: non-administrator users can't login when telemetry notification is on

Added by Kiefer Chang over 3 years ago. Updated about 3 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Tatjana Dehler
Category:
General
Target version:
Ceph - v16.0.0
% Done:

0%

Source:
Tags:
Backport:
octopus
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
Ceph - v15.2.5, Ceph - v16.0.0
ceph-qa-suite:
Pull request ID:
37043
Crash signature (v1):
Crash signature (v2):

Description

Steps to reproduce:

  • Create a user with a role other than `administrator`. e.g. pool-manager
  • Use the browser with incognito mode to visit the Dashboard (Need Telemetry notification to be on).
  • Login with the new user, the user will be redirected to the 403 Forbidden page.

The cause might be that telemetry component checks the user's role, but the new user doesn't have the permission to get `/api/user/<name>`.
See:
https://github.com/ceph/ceph/blob/b54e27093082cc5b1a3bebc0a8b2590efc948e7d/src/pybind/mgr/dashboard/frontend/src/app/shared/components/telemetry-notification/telemetry-notification.component.ts#L32-L44

Related issues 1 (0 open1 closed)

Copied to Dashboard - Backport #47606: octopus: mgr/dashboard: non-administrator users can't login when telemetry notification is onResolvedLaura PaduanoActions
Actions
Copy link

Also available in: Atom PDF