[NMS-14193] Users with ROLE_USER face Access Denied when accessing Resource Graphs from Reports Section - The OpenNMS Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Resolved (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: 29.0.5
Fix Version/s: Meridian-2021.1.16, Meridian-2022.1.4, 30.0.0
Component/s: Web UI - General
Security Level: Default (Default Security Scheme)
Labels:
- bugfixsla

Sprint:
Horizon - April 27 - May 11, Horizon - May 11 - 25
HB Backlog Status:
Backlog
FD#:
1050

Description

When users with security role ROLE_USER try to access Reports >> Resource Graphs >> Choose a node >> Choose any resource, it displays a pop up window stating "Permission Denied

Seems like Users who have ROLE_USER Security role, they are unable to make a POST to "/opennms/rest/resources/generateId" endpoint to generate the id for the resource-graphs.
The Access Denied Page comes in but then quickly redirects to the resource graph page..
User is expecting this behavior of Access Denied Page Popping up and then redirecting to not happen to begin with.

WITH TEST USER

Request URL: http://sriraag-meridian-onms.southindia.cloudapp.azure.com:8980/opennms/rest/resources/generateId
Request Method: POST
Status Code: 403 Access is denied
Remote Address: 13.71.123.25:8980
Referrer Policy: strict-origin-when-cross-origin

This has been noticed on Horizon 29 and also Meridian 2019.1.2

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

resource-graphs-access-denied.PNG
123 kB
21/Apr/22 7:36 AM
test-user-reseource-graphs.PNG
103 kB
21/Apr/22 7:36 AM

Issue Links

mentioned in: Page Loading...

Activity

People

Assignee:: Pushkar Suthar

Reporter:: Sriraag Sridhar

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 21/Apr/22 7:36 AM

Updated:: 07/Jun/22 2:23 PM

Resolved:: 13/May/22 5:16 PM

HB Grooming Date:: 26/Apr/22