|Anonymous | Login | Signup for a new account||2018-01-22 18:01 UTC|
|Main | My View | View Issues | Change Log | My Account|
|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0008065||TestLink||Users and Rights||public||2017-08-29 19:43||2017-09-12 04:30|
|Platform||PC||OS||Windows||OS Version||7 Pro|
|Product Version||1.9.16 (2016 Q4)|
|Fixed in Version||1.9.17 (2017 Q2)|
|Summary||0008065: user rights at project level should be also considered|
|Description||It seems that the role given to a user at the project level (and associated rights) are not checked when the user wants to create test case results using TestLink API (for ex. XMLRPC)|
As an example, a guest user in TestLink having the role = leader in his project cannot create a platform using XMLRPC scripting even if the platform_management right is checked for a leader.
To fix this, the user with role = guest in TestLink must be defined as a leader in TestLink, then the script is ok and platform is created in TestLink.
Enhancement: the role assigned to a user in a project should be also considered and not just the role when the user is created in TestLink.
Consequence: It is important that TestLink in future release can manage multiple projects with multiple teams.
By default in TestLink, users are created with role=guest and then, are assigned to another role (tester, leader, senior tester, etc) in their respective project.
As soon as they are using external mechanisms (API, automation scripts..) to import/create stuff in TestLink, they are facing this issue with "not enough rights to perform..."
|Additional Information||see http://mantis.testlink.org/view.php?id=8058 [^] as reference|
|Tags||No tags attached.|
|QA Team - Task Workflow Status||READY FOR TESTING|
|Attached Files|| insufficient rights.png [^] (9,455 bytes) 2017-09-05 18:45
Screen Shot 2017-09-09 at 13.08.54.png [^] (82,127 bytes) 2017-09-09 11:11
clientCreatePlatformDOVI.php [^] (1,120 bytes) 2017-09-09 11:11
as always requested detailed steps to reproduce are needed.
without this is impossible to work on this.
|why 0008058 is a reference ?this issue has been solved|
Steps to reproduce? You already tested in 0008058:
Tested on MAC OS using mamp Pro, using latest code from github
1. created user XMLRPC-API-INTEGRATION, with role GUEST
2. create a new role xmlrpc-api-integration with JUST one right platform-management
3. login as XMLRPC-API-INTEGRATION, generate API Key
4. use clientCreatePlatform.php
5. Platform created without issues
Tested on 1.9.16 => no issue
We got this issue with TestLink 1.9.15 and to fix it, we had to create user with a role having the platform-management right.
We plan to upgrade TestLink to 1.9.16 in a couple of weeks, so we will be able to test by ourselves.
Thanks for your support!
The steps you have provided do not help to reproduce your situation.
I think I've already fixed it, but really think that the minimum help I'm asking has to be provided
Re-reading the steps on previous issue is a missin step => assign the new created role the user.
|Please use this, retest and provide feedback|
edited on: 2017-08-30 20:09
As soon as we upgrade to version 1.9.16, I will retest and provide feedback.
Just a comment on the missing step => assign the new created role to the user:
Do you assign the new role to the user in a project? or do you replace guest by xmlrpc-api-integration in TestLink?
Because this is the problem. In our case:
- user is guest in TestLink and
- user is leader in ProjectX
when user executes python script to create a platform in ProjectX, it gets an issue "no platform management rights"
- user is leader in TestLink
- user is leader in the project ProjectX (inherited)
No issue, platform created in ProjectX when running the script.
I will provide feedback as soon as possible.
>> Do you assign the new role to the user in a project? or do you replace guest by xmlrpc-api-integration in TestLink?
I did what is explained => GLOBAL role has been changed.
That's why I request that you provide the steps to reproduce, instead of guess conclusions from other tests.
|no more user feedback|
I just tested with TestLink 1.9.16 + latest fix package on my local environment (windows)
Steps to reproduce:
- create user lmcpcar with default role (guest) in TestLink
- create project ProjectX1 and give role = leader to lmcpcar in this project.
- login to TestLink with user = lmcpcar and create devkey for lmcpcar
- Update php script "clientCreatePlatform.php" by providing the devkey, project name ProjectX1, the platform name and notes
- execute the script
Error generated: "User lmcpcar, corresponding to Developer Key has insufficient rights to perform this action - Details: right platform_management"
If I change and replace role=guest with role=leader for lmcpcar, there is no error and the platform is created in ProjectX1.
It seems that when executing the script, the role assigned to lmcpcar in ProjectX1 is not taken into account.
Enhancement: the role assigned to a user in a project should be also considered when checking the rights and not just the GLOBAL role in TestLink.
edited on: 2017-09-09 11:10
1. get latest code from github (@20170909 - 13:00 CET)
2. do fresh install
3. login as admin
4. create test project PUBLIC => MOTOGP MISANO 2017
5. create test project PUBLIC => MOTOGP ASSEN 2017
6. create user dovizioso with default role GUEST
7. assign role leader to dovizioso on MOTOGP MISANO 2017
8. generate API KEY for dovizioso
9. use attached clientCreatePlatformDOVI.PHP fiel
10. tests OK => see images
Fresh install with latest code from github (extracted from http://mantis.testlink.org/view.php?id=7817 [^])
I confirm it is working as expected.
User dovizioso (guest in TestLink and leader in project MOTOGP MISANO 2017)
was able to create successfully a platform in project MOTOGP MISANO 2017.
Thanks a lot!
(It seems that my latest fix package apparently was not the latest one! I will update my previous installation and will do the tests again)
|2017-08-29 19:43||tjosephine||New Issue|
|2017-08-30 16:17||fman||QA Team - Task Workflow Status||=> TBD|
|2017-08-30 16:17||fman||View Status||private => public|
|2017-08-30 16:18||fman||Note Added: 0026796|
|2017-08-30 16:19||fman||Assigned To||=> fman|
|2017-08-30 16:19||fman||Status||new => feedback|
|2017-08-30 16:32||fman||Note Added: 0026803|
|2017-08-30 18:57||tjosephine||Note Added: 0026804|
|2017-08-30 18:57||tjosephine||Status||feedback => assigned|
|2017-08-30 19:42||fman||Note Added: 0026805|
|2017-08-30 19:44||fman||Note Added: 0026806|
|2017-08-30 19:44||fman||Status||assigned => feedback|
|2017-08-30 20:08||tjosephine||Note Added: 0026808|
|2017-08-30 20:08||tjosephine||Status||feedback => assigned|
|2017-08-30 20:09||tjosephine||Note Edited: 0026808||View Revisions|
|2017-08-30 20:09||tjosephine||Note Edited: 0026808||View Revisions|
|2017-08-30 20:15||fman||Note Added: 0026809|
|2017-09-02 07:17||fman||QA Team - Task Workflow Status||TBD => READY FOR TESTING|
|2017-09-02 07:17||fman||Note Added: 0026814|
|2017-09-02 07:17||fman||Status||assigned => resolved|
|2017-09-02 07:17||fman||Fixed in Version||=> 1.9.17 (2017 Q2)|
|2017-09-02 07:17||fman||Resolution||open => fixed|
|2017-09-05 18:44||tjosephine||Note Added: 0026820|
|2017-09-05 18:45||tjosephine||File Added: insufficient rights.png|
|2017-09-09 10:57||fman||Note Added: 0026828|
|2017-09-09 10:59||fman||Note Edited: 0026828||View Revisions|
|2017-09-09 11:01||fman||Note Edited: 0026828||View Revisions|
|2017-09-09 11:10||fman||Note Edited: 0026828||View Revisions|
|2017-09-09 11:11||fman||File Added: Screen Shot 2017-09-09 at 13.08.54.png|
|2017-09-09 11:11||fman||File Added: clientCreatePlatformDOVI.php|
|2017-09-09 11:12||fman||Note View State: 0026828: public|
|2017-09-09 11:13||fman||Relationship added||related to 0008072|
|2017-09-11 20:15||tjosephine||Note Added: 0026831|
|2017-09-12 04:30||fman||Relationship added||child of 0007817|
|Copyright © 2000 - 2018 MantisBT Team|