Skip to content

[WIP] Extract the tenant id from the x_node #9527

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

[WIP] Extract the tenant id from the x_node #9527

wants to merge 1 commit into from

Conversation

jrafanie
Copy link
Member

Using params for the action rbac_tenant_delete is correct for this action.

It should not be used for any role_allows? calls as they can be for doing different actions/product features. For example, after deleting a tenant, the subsequent call to replace the right cell and update the screen after the deletion should not refer to an already deleted tenant.

Fixes #9512. Replaces #9523

@jrafanie
Extract the tenant id from the x_node
37004bc 
Using params for the action rbac_tenant_delete is correct for this action.

It should not be used for any role_allows? calls as they can be for doing
different actions/product features.  For example, after deleting a tenant,
the subsequent call to replace the right cell and update the screen after
the deletion should not refer to an already deleted tenant.

Fixes ManageIQ#9512
@jrafanie jrafanie requested a review from a team as a code owner July 24, 2025 16:56
@jrafanie jrafanie mentioned this pull request Jul 24, 2025
Merged
@jrafanie jrafanie added the bug label Jul 24, 2025
@jrafanie
Copy link
Member Author

cool, tests failed... looking

Fryguy
Fryguy reviewed Jul 24, 2025
View reviewed changes
app/controllers/ops_controller/ops_rbac.rb
end

if MiqProductFeature.my_root_tenant_identifier?(options[:feature]) && self.x_node.to_s.start_with?("tn-")
_, id, _ = TreeBuilder.extract_node_model_and_id(self.x_node.to_s)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bonus whitespace

Suggested change
_, id, _ = TreeBuilder.extract_node_model_and_id(self.x_node.to_s)
_, id, _ = TreeBuilder.extract_node_model_and_id(self.x_node.to_s)

@jrafanie
Copy link
Member Author

jrafanie commented Jul 24, 2025
edited
Loading

cool, tests failed... looking

will need to look at this later... it looks like basic button role_allows_feature? expects to be able to pull out the controller's params id to check if the role_allows the button action. Note, we don't actually pass the tenant id to the button, it pulls it from the controller's params. 😭

What a mess:
#5123
#5129
#5142

I have concern other areas may also rely on checking the controller's params. 🤷

@jrafanie jrafanie changed the title Extract the tenant id from the x_node [WIP] Extract the tenant id from the x_node Jul 24, 2025
@Fryguy
Copy link
Member

Fryguy commented Jul 24, 2025

Ugh, ok. We may have to detangle this one together and/or find a way to drop that role_allows? override.

@Fryguy Fryguy added the wip label Jul 24, 2025
@jrafanie jrafanie closed this Aug 13, 2025
@jrafanie
Copy link
Member Author

After a discuss with @Fryguy a few weeks ago, a surgical #9523 is probably better than for now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Fryguy Fryguy Fryguy left review comments

Assignees
No one assigned
Labels
bug wip
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Deleting a tenant raises an Server Error
2 participants
@jrafanie @Fryguy