manageiq icon indicating copy to clipboard operation
manageiq copied to clipboard
verified publisher icon ManageIQ

RBAC bug: multiple filters in one category

Open chrisarcand opened this issue 9 years ago • 8 comments

If you assign a user to a group with multiple filters in a single category (e.g. location -> Chicago and location -> New York), logging in as that user results in errors on most pages. Note this is also after adding a provider and labelling an instance/vm with one of those tags, too.

Error caught: [PG::InvalidColumnReference] ERROR:  for SELECT DISTINCT, ORDER BY expressions must appear in select list
LINE 1: ...ager') AND "taggings"."tag_id" IN (5, 6) ORDER BY lower(name...
                                                             ^

/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb:590:in `async_exec'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb:590:in `block in exec_no_cache'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/connection_adapters/abstract_adapter.rb:527:in `block in log'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activesupport/lib/active_support/notifications/instrumenter.rb:21:in `instrument'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/connection_adapters/abstract_adapter.rb:521:in `log'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb:590:in `exec_no_cache'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb:579:in `execute_and_clear'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/connection_adapters/postgresql/database_statements.rb:103:in `exec_query'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb:377:in `select'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb:41:in `select_all'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/connection_adapters/abstract/query_cache.rb:68:in `block in select_all'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/connection_adapters/abstract/query_cache.rb:83:in `cache_sql'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/connection_adapters/abstract/query_cache.rb:68:in `select_all'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/querying.rb:39:in `find_by_sql'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/relation.rb:699:in `exec_queries'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/relation.rb:580:in `load'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/relation.rb:260:in `records'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/relation/delegation.rb:39:in `each'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/relation/query_methods.rb:266:in `select'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/relation/query_methods.rb:266:in `select'
/Users/carcand/workspace/manageiq/manageiq/lib/extensions/ar_taggable.rb:77:in `block in find_tags_by_grouping'
/Users/carcand/workspace/manageiq/manageiq/lib/extensions/ar_taggable.rb:70:in `each'
/Users/carcand/workspace/manageiq/manageiq/lib/extensions/ar_taggable.rb:70:in `find_tags_by_grouping'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/relation/delegation.rb:65:in `block in find_tags_by_grouping'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/relation.rb:351:in `scoping'
/Users/carcand/.rbenv/versions/2.2.4/lib/ruby/gems/2.2.0/bundler/gems/rails-2b92069a4985/activerecord/lib/active_record/relation/delegation.rb:65:in `find_tags_by_grouping'
/Users/carcand/workspace/manageiq/manageiq/app/models/rbac.rb:235:in `get_managed_filter_object_ids'
/Users/carcand/workspace/manageiq/manageiq/app/models/rbac.rb:125:in `calc_filtered_ids'
/Users/carcand/workspace/manageiq/manageiq/app/models/rbac.rb:239:in `find_targets_with_direct_rbac'
/Users/carcand/workspace/manageiq/manageiq/app/models/rbac.rb:278:in `find_targets_with_rbac'
/Users/carcand/workspace/manageiq/manageiq/app/models/rbac.rb:470:in `search'
/Users/carcand/workspace/manageiq/manageiq/app/models/rbac.rb:321:in `filtered'
/Users/carcand/workspace/manageiq/manageiq/app/presenters/tree_builder.rb:469:in `rbac_filtered_objects'
...

and

[----] F, [2016-04-13T12:42:41.499161 #40443:3fdde7de07d8] FATAL -- : Error caught: [NoMethodError] undefined method `reorder' for []:Array
/Users/carcand/workspace/manageiq/manageiq/app/models/rbac.rb:235:in `get_managed_filter_object_ids'
/Users/carcand/workspace/manageiq/manageiq/app/models/rbac.rb:125:in `calc_filtered_ids'
/Users/carcand/workspace/manageiq/manageiq/app/models/rbac.rb:239:in `find_targets_with_direct_rbac'
/Users/carcand/workspace/manageiq/manageiq/app/models/rbac.rb:278:in `find_targets_with_rbac'
/Users/carcand/workspace/manageiq/manageiq/app/models/rbac.rb:470:in `search'
/Users/carcand/workspace/manageiq/manageiq/app/models/miq_report/search.rb:106:in `paged_view_search'
/Users/carcand/workspace/manageiq/manageiq/app/controllers/application_controller.rb:1592:in `get_view'
/Users/carcand/workspace/manageiq/manageiq/app/controllers/application_controller/ci_processing.rb:1047:in `process_show_list'
/Users/carcand/workspace/manageiq/manageiq/app/controllers/ems_common.rb:121:in `show_list'
...

@miq-bot add_labels bug, rbac

cc/ @kbrock

chrisarcand avatar Apr 15 '16 17:04 chrisarcand

@kbrock Will recheck this soon.

@miq-bot assign @chrisarcand

chrisarcand avatar Jul 14 '16 15:07 chrisarcand

This issue has been automatically marked as stale because it has not been updated for at least 6 months.

If you can still reproduce this issue on the current release or on master, please reply with all of the information you have about it in order to keep the issue open.

Thank you for all your contributions!

miq-bot avatar Aug 26 '17 04:08 miq-bot

@chrisarcand If we change ORDER BY lower(name) to just ORDER BY name the function, does this resolve this issue?

kbrock avatar Sep 01 '17 21:09 kbrock

@kbrock do you know the status of this?

chessbyte avatar Oct 16 '19 18:10 chessbyte

so this error happens when the order is not in the select clause. even thought the name is in the SELECT clause, it needs lower(name) to be in the distinct clause to work.

If this were ORDER BY name or if the DISTINCT was not there, then postgres would be fine with this query. More recent version of rails inject the column into the SELECT

I was pretty sure we solved this problem a while ago but do not have a link to the solving PR.

kbrock avatar Feb 08 '22 16:02 kbrock

@chrisarcand Cannot apply the following label because they are not recognized:

  • rbac

All labels for ManageIQ/manageiq: https://github.com/ManageIQ/manageiq/labels

miq-bot avatar Feb 08 '22 16:02 miq-bot

@chrisarcand 'chrisarcand' is an invalid assignee, ignoring...

miq-bot avatar Feb 08 '22 16:02 miq-bot

🥴

chrisarcand avatar Feb 09 '22 03:02 chrisarcand

This issue has been automatically marked as stale because it has not been updated for at least 3 months.

If you can still reproduce this issue on the current release or on master, please reply with all of the information you have about it in order to keep the issue open.

Thank you for all your contributions! More information about the ManageIQ triage process can be found in the triage process documentation.

miq-bot avatar Feb 27 '23 00:02 miq-bot

This issue has been automatically closed because it has not been updated for at least 3 months.

Feel free to reopen this issue if this issue is still valid.

Thank you for all your contributions! More information about the ManageIQ triage process can be found in the triage process documentation.

miq-bot avatar May 29 '23 00:05 miq-bot