ACLs not applied to availability reports

Description

Steps to reproduce (requires a clean DB with no existing outage records):

1a. Create group "canhas" with all node categories included; add user "jeffg" to this group
1b. Create group "nocanhas" with only "Production" node category; add user "rjeffg" to this group
2. Add nodes 1 and 3 to node categories "Servers", "Production"; add node 2 to categories "Servers", "Development"
3a. Create outages on nodes 1 and 2 that cover periods of time during the previous month. Easiest way is probably SQL e.g. "INSERT INTO outages VALUES (3, NULL, NULL, 2, '192.168.23.7', 1, NOW() - INTERVAL '32 days 8 hours', NOW() - INTERVAL '32 day 5 hours', NULL, NULL, 7)"
4. Log out and log in as "rjeffg", run an availability report on SLM category "Overall Service Availability"

Expected behavior: A report that reflects only a single outage (the one on node 1) for the previous month

Actual behavior: A report that includes both outages for the previous month.

Environment

Operating System: All
Platform: PC

Acceptance / Success Criteria

None
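
The scenario from the reproduction steps in the description, as an added example that is not part of the original report or the project's code: it contrasts an outage query with no ACL check against one restricted to node categories granted to the user's groups. The schema, table names, outage timestamps and the default-deny treatment of users with no group are assumptions made for illustration.

```python
import sqlite3

# Constructed, simplified schema (hypothetical names, not the project's schema).
SCHEMA = """
CREATE TABLE category_node  (category TEXT, nodeid INTEGER);
CREATE TABLE group_category (grp TEXT, category TEXT);
CREATE TABLE group_user     (grp TEXT, username TEXT);
CREATE TABLE outages        (outageid INTEGER, nodeid INTEGER, lost TEXT, regained TEXT);
"""

def build_db():
    """Load the groups, categories and outages from the reproduction steps."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO category_node VALUES (?, ?)", [
        ("Servers", 1), ("Production", 1), ("Servers", 3), ("Production", 3),
        ("Servers", 2), ("Development", 2)])
    db.executemany("INSERT INTO group_category VALUES (?, ?)", [
        ("canhas", "Servers"), ("canhas", "Production"), ("canhas", "Development"),
        ("nocanhas", "Production")])
    db.executemany("INSERT INTO group_user VALUES (?, ?)",
                   [("canhas", "jeffg"), ("nocanhas", "rjeffg")])
    # Constructed outage rows: one on node 1, one on node 2.
    db.executemany("INSERT INTO outages VALUES (?, ?, ?, ?)", [
        (1, 1, "2009-03-26 08:00", "2009-03-26 11:00"),
        (2, 2, "2009-03-26 08:00", "2009-03-26 11:00")])
    return db

def outages_unfiltered(db):
    """Reproduces the reported behaviour: outages selected with no ACL check."""
    return db.execute(
        "SELECT outageid, nodeid FROM outages ORDER BY outageid").fetchall()

def outages_for_user(db, username):
    """Only outages on nodes in a category granted to one of the user's groups.
    A user in no group matches nothing (default deny, an assumption here)."""
    return db.execute("""
        SELECT o.outageid, o.nodeid FROM outages o
        WHERE EXISTS (
            SELECT 1 FROM category_node cn
            JOIN group_category gc ON gc.category = cn.category
            JOIN group_user gu ON gu.grp = gc.grp
            WHERE cn.nodeid = o.nodeid AND gu.username = ?)
        ORDER BY o.outageid""", (username,)).fetchall()

if __name__ == "__main__":
    db = build_db()
    print("unfiltered:", outages_unfiltered(db))
    print("rjeffg:    ", outages_for_user(db, "rjeffg"))
```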

Activity

Jonathan Sartin May 15, 2009 at 5:00 PM

So I don't think I'm going to progress this any further in this state. The reason for this is that further work on the AvailabilityReport code as is is a retrograde step.

I have created a new interface (AvailabilityDataService) so that the current data extraction could be replaced by something that observed custom views, but I really think that we'd probably be better off doing the donkey work with JasperReports or BIRT.

IMO we need to start a discussion more along the lines of which reporting tool we want to use to replace the existing report code, rather than add to it at this point.

Jonathan Sartin April 28, 2009 at 4:02 AM

Well, having admin as the only user who can run reports is pretty easy to enforce, but isn't a long-term fix. I'll try and take a look at the wider issues this week.

Jeff Gehlbach April 27, 2009 at 5:39 PM

Yeah, it's got the potential to get pretty hairy. I'm just opening these as I find them, more as an effort to get an initial idea of what works and what doesn't than anything else. It might ultimately be that only admin users (or perhaps some new role such as "report admin") can run reports.

Jonathan Sartin April 27, 2009 at 5:33 PM

I suspect it's worse than that insofar as the persistence feature for availability reports is not aware of the ACL features. Would probably need to add a group or user field to the report locator table that was checked when listing or managing reports.

Created April 27, 2009 at 4:37 PM
Updated July 28, 2023 at 3:35 PM