Fixes #39538 - Host actions are disabled after bulk action#11110
Fixes #39538 - Host actions are disabled after bulk action#11110MariaAga wants to merge 1 commit into
Conversation
There was a problem hiding this comment.
Pull request overview
This PR addresses a regression in the new Hosts page where, after running a bulk action and the table refreshes, host row actions (kebab menu: edit/clone/delete) become disabled because the refreshed host API response no longer includes permission flags.
Changes:
- Adds permission checks via
usePermissions(sourced from Foreman metadata permissions) inHostsIndex. - Updates row kebab action disabling logic to rely on the new permission checks instead of per-row API fields.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| const coreRowKebabItems = ({ id, name: hostName, compute_id: computeId }) => [ | ||
| { | ||
| title: __('Edit'), | ||
| onClick: () => { | ||
| window.location.href = foremanUrl(`/hosts/${id}/edit`); |
There was a problem hiding this comment.
Copilot does have a point here. The permissions available thru ForemanContext are user-level and not resource-level.
There was a problem hiding this comment.
how can users restrict on host level?
There was a problem hiding this comment.
the other solution would be to re-call the api on every hosts api call, to include permission (not really a good solution)
or to start editing all the host bulk actions to include the permissions (we plan to unify all the host bulk actions later, as we dont have much capacity now)
There was a problem hiding this comment.
In our RBAC system you can have a filter that says "this user can only edit these hosts," and describes those hosts via a saved search. The row-level can_edit, etc. (apparently?) takes that into account, while the general "does the user have edit_hosts permission" doesn't.
There was a problem hiding this comment.
The API will still prevent unauthorized actions, but assuming it's actually the case that the row-level nodes work with those special filters, I think the fallback makes sense.
There was a problem hiding this comment.
I'll update all the bulk models already
jeremylenz
left a comment
There was a problem hiding this comment.
Wait, after the changes I no longer see any permission-related code?
new host page - to reproduce run one of the bulk actions - for example: change location, after the data refresh, the permissions dont get loaded, so the host kebab (edit,clone, clone) are disabled.
Updated all bulk actions to use the same refresh data function, that includes permissions.