-
Bug
-
Resolution: Unresolved
-
Normal
-
None
-
4.15
-
None
-
Quality / Stability / Reliability
-
False
-
-
0
-
Important
-
No
-
None
-
None
-
None
-
Sprint 277, Sprint 278
-
2
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
user with sufficient privilege cannot view the data in Observer -> Dashboard, but the data could be checked via Impersonating User
Version-Release number of selected component (if applicable):
4.15.0-0.nightly-2023-12-25-100326
How reproducible:
Always
Steps to Reproduce:
1.Create ClusterRole
oc create -f - <<EOF
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: auto-test-metrics-reader
rules:
- apiGroups:
- ''
resources:
- namespaces
verbs:
- get
- list
- watch
EOF
2. Grant the cluster role to a normal user
$oc adm policy add-cluster-role-to-user auto-test-metrics-reader <User>
3. Login OCP as normal user, navigate to Observe -> Dashboards page
4. Check if user is able to view
5. Login OCP as administrator, navigate to Users page, and 'Impersonate User', then repeat the check in Step 3-4
Actual results:
user cannot view the data in the dashboard
Expected results:
'Impersonate user' and 'normal user' should have same behavior
Additional info:
https://drive.google.com/file/d/1HeaP1bh4wTlNXM-PRm1R8Xqz8QUC6yJw/view?usp=drive_link